Security & privacy
A plain-English page about what we encrypt, what we store, and the things we choose not to do. No legalese — that's what the privacy policy is for.
The four practices behind every request between your device and our servers.
Every request between the app and our API runs over HTTPS (TLS 1.2+). The mobile app pins the certificate so a compromised network can't intercept your data.
Our database lives on encrypted volumes. Daily backups are encrypted too, with rotating keys held in a separate service.
Passwords are stored as Argon2 hashes — never plaintext. Sessions use short-lived JWTs you can revoke at any time from Settings → Security.
On mobile, your session token sits in the iOS Keychain or Android Keystore. On the web, it lives in an httpOnly cookie that JavaScript can't read.
A lot of trust in this category comes from what a product doesn't do. Here's our short list.
There's no ad SDK, no third-party tracker, no fingerprinting. Open the app and check the network panel — it talks to one API.
Your data is not a product. We don't sell, rent, or share it with brokers, partners, or marketers. Period.
Paycent records who owes whom — it never moves money. No card or bank credentials ever touch our servers, because they don't need to.
Email, phone, name, and the expenses you choose to track. No location, no contacts, no calendar, no microphone.
Everything the app sends, where it goes, and the reason it exists.
| Category | What | Why |
|---|---|---|
| Identity | Email, phone, display name, avatar | Sign in, sync across devices, verify your account. |
| Group activity | Groups you're in, expenses you log, payments you record | Power the product — split expenses, compute balances, show history. |
| Preferences | Currency, language, theme | Make the app feel like yours across devices. |
| Diagnostics (optional) | Anonymized crash reports, error traces | Find and fix bugs. We don't tie this to your identity. |
Privacy without controls is marketing. Here are the levers you actually own.
Sign-out-everywhere kills all tokens — including ones a stolen phone might hold.
Open Security settings
Pick a new password any time. Doing so leaves your other sessions intact unless you also sign out.
Change password
Each group exports as CSV from its settings page. Your data, your spreadsheet.
Open Groups
If you believe you've found a security issue, email security@paycent.net with reproduction steps. We aim to acknowledge reports within 72 hours.
For everything else, the privacy policy and terms cover the formal version of all this.