Tiller’s 12-Point Security and Privacy Promise

“I’m enjoying Tiller and knowing my data is private and not being used to market to me or to generate a profile to sell to other parties.”
★★★★★ Steve Kroes, Google Review

Your Trust is Not for Sale

“I love that my spreadsheets are mine forever, unlike another program I used that became obsolete.”
Vicky Knapp, ★★★★★
Google Review, November 8, 2023

1. Tiller doesn’t make money selling your data or showing ads.

Because Tiller is solely funded by your subscription, we never show ads or sell your data to third parties. Our customers are not our product.
Detailed privacy policy →  

2. Your financial data is stored in your own private spreadsheets 

Tiller doesn’t lock your data into a proprietary format. Your transactions, balances, and categories are stored in standard columns and rows, in spreadsheets owned by you. Your spreadsheets are accessed and managed through your Google or Microsoft account independent of Tiller. 

If you cancel your Tiller subscription, all your imported transactions, balance history, and templates remain untouched in your Google or Microsoft Excel spreadsheet. More here.

3. Your data is protected with bank-grade 256-bit AES encryption

Sensitive data is encrypted in transit and at rest with bank-grade 256-bit AES encryption. 

By default, neither Microsoft nor Google will see your data. You choose whether to feed your data into a Microsoft Excel (desktop or cloud) or Google Sheets spreadsheet. 

4. Tiller securely connects to financial sources via Yodlee

Tiller uses an API from Yodlee to securely access bank information. We chose Yodlee because 15 of the top 20 largest United States banks use and trust the same API from Yodlee to securely aggregate bank data. 

Yodlee is regularly audited by banks, regulators, and independent entities. Yodlee is a publicly-traded company and has undergone 200 audits by financial institutions in the past 24 months.

5. Tiller does not see or store bank credentials

Credentials are encrypted in your browser and passed directly to Yodlee. Yodlee provides a read-only token granting Tiller’s servers access to customer transactions. Tiller is moving swiftly into open banking, ensuring that no credentials ever have to be shared for bank data access (more below).

6. No one on Tiller’s team sees your transaction data

Tiller is unique in our industry in that we’ve designed our processes so our team is blind to customer transactions and balances. This data remains encrypted and private externally and internally. 

We have strict internal protocols to protect other information beyond transactions and balances, such as user names and email addresses.

7. Tiller does not pull information that isn’t needed for your spreadsheets

Tiller works to minimize the private data we collect, focusing on the data that is essential to providing our core services for you. We restrict sharing of private data between internal systems.

8. Tiller only has read-only access to bank data

Tiller cannot move, transfer, or invest money. Tiller cannot create new accounts, or change passwords, or modify permissions with any financial institution.

9. Tiller supports 2-Step verification

Customers sign in to Tiller via OAuth with their Google or Microsoft account. We encourage all customers to implement Google’s multi-factor authentication.

10. Tiller is a leader in open banking

Tiller is a leader in open banking, an API-based approach to data-sharing where customers access their bank data without sharing usernames or passwords. Open banking is currently the most secure, reliable, and transparent way to connect financial sources to personal finance services like Tiller. 

Tiller was the very first of Yodlee’s licensees to launch open banking. Yodlee chose Tiller in part because our customer retention rates are among the highest they’ve seen in the personal finance industry. 

We currently support open banking with Capital One, Chase, Citi, Bank of America, Wells Fargo, and Charles Schwab. We’re moving swiftly to include all of the major US banks with our open banking initiative. 

11. Tiller is audited by 3rd-party security firms

Tiller successfully completed recent security audits from Yodlee and an independent security firm, an audit defined in part by requirements from major US banks that are participating in open banking.

12. You can request to have your data deleted

You can request that your data be deleted at any time with a simple data deletion request. Simply log in to the Tiller console and request data deletion via the support chat widget or email support@tillerhq.com. Data deletion requests are confirmed within 24 hours.

You can choose to delete your Tiller account but keep all data imported to your Google Sheet or Microsoft Excel spreadsheets for your private use, completely independent of Tiller. (See above.)

Included with Tiller

Builder Friendly

Build your own custom financial dashboard powered by Tiller

Helpful Webinars

Webinars with Q&A help you get up to speed fast and do more with Tiller

“There isn’t another tool on the market that does what Tiller can do.”
Will Hinton, Google Review October 30, 2023