Is Steady Safe? How We Protect Your Financial Data
Bank-grade encryption, open banking regulations, and NZ Privacy Act compliance — here's exactly how Steady keeps your money data secure.
Weekly insights on saving, spending, and making your money work harder. No spam.
"Is it safe to connect my bank account to an app?" It's the most common question we get. Here's the honest, detailed answer.
How Steady connects to your bank
Steady uses Akahu — New Zealand's regulated open banking platform. Here's what that means:
Your bank login stays with Akahu
When you connect your bank in Steady, you're redirected to Akahu's secure page. You log in there. Steady never sees, stores, or has access to your bank password. Period.
Read-only access
Steady can see your account balances and transaction history. It cannot make payments, move money, or change anything in your bank accounts. It's like looking through a window — you can see in, but you can't reach through.
Revoke anytime
You can disconnect your bank from Steady at any time in Settings. This immediately revokes Akahu's access to your accounts. You can also revoke access directly at my.akahu.nz.
Encryption
In transit
All data between your phone, Steady's servers, and Akahu is encrypted with TLS (the same encryption your bank uses). Nobody can intercept your data in transit.
At rest
Sensitive data (like OAuth tokens) is encrypted with AES-256-GCM — the same standard used by governments and banks. Even if our database were somehow accessed, the encrypted data would be unreadable.
NZ regulations
Privacy Act 2020
Steady complies with the New Zealand Privacy Act 2020. You have the right to:
- Know what data we hold about you
- Request a copy of your data (Settings → Export)
- Request deletion of all your data (Settings → Delete Account)
- Complain to the Privacy Commissioner if you believe your privacy has been breached
FMA oversight
Akahu operates under the Financial Markets Authority (FMA) framework. As NZ transitions to official regulated open banking, Akahu is leading the compliance work.
What about AI?
When you use Steady's AI assistant, financial context is sent to Anthropic's Claude API:
- Spending totals and categories
- Recent transactions (merchant + amount)
- Goals and bills
What is NOT sent:
- Your name or email
- Bank account numbers
- Your bank login credentials
Anthropic does not train on data sent via their API.
What we don't do
- We never sell your data
- We never share individual data with advertisers
- We never access your bank credentials
- We never make payments from your accounts
- We never store your data outside of encrypted databases
The bottom line
Steady is as safe as your banking app. We use the same encryption standards, we're regulated by the same NZ authorities, and we give you full control to export or delete your data at any time. The only difference is that Steady can see across all your banks — giving you a complete financial picture in one place.
Written by the Steady Team
Steady is a personal finance app built in New Zealand. We help Kiwis track spending, set savings goals, and understand their money — without spreadsheets or manual budgeting.Learn more about us
Suggested reads
More from the Steady blog
What Is Open Banking and Why Should NZ Care?
Open banking is coming to New Zealand. Here's what it means for your money, your privacy, and the apps you use.
What is Akahu? Open Banking in NZ Explained
How Akahu connects apps to your NZ bank account, why it's safe, and what it means for personal finance in New Zealand.
How AI Is Changing Personal Finance in New Zealand
From auto-categorising transactions to answering plain-English money questions — here's how AI makes managing money easier for Kiwis.
Ready to sort your money?
Steady connects to your NZ bank accounts and helps you track spending, set goals, and get AI-powered insights.
Try Steady free