privacy policy

last updated: 9 April 2026

our promise

beanies.family is built on a simple belief: your family's data belongs to you. we don't collect it, we don't store it on our servers, and we don't sell it. ever. this isn't just a policy — it's the foundation of how we built the app.

how beanies.family works

beanies.family is a local-first application. this means your family data — finances, activities, goals, to-dos, and everything else — lives on your device. it is never transmitted to our servers because we don't have servers that store your data.

  • local storage: all family data is stored in your browser's IndexedDB, encrypted at rest
  • no accounts on our servers: we don't maintain user accounts, databases, or profiles on any server
  • no cloud dependency: the app works fully offline — no internet connection required after initial load

data we do not collect

to be absolutely clear, we do not collect:

  • your financial data (accounts, transactions, balances, budgets)
  • your family information (names, relationships, activities)
  • your goals, to-do items, or travel plans
  • your passwords or encryption keys
  • your location data
  • your contacts or address book
  • any personally identifiable information (PII) on our servers

analytics

we use Plausible Analytics, a privacy-friendly, cookie-free analytics service. Plausible does not use cookies, does not collect personal data, and is fully compliant with GDPR, CCPA, and PECR. it tells us aggregate information like:

  • how many people visit the site
  • which pages are most popular
  • what countries visitors are from (approximate, based on anonymised IP)
  • which features are used most (aggregate counts only)
  • how often people sign in (aggregate login counts, not individual tracking)
  • what devices and browsers are used

no individual user can be identified from this data. Plausible's full privacy policy is at plausible.io/data-policy.

google drive integration (optional)

if you choose to enable Google Drive sync, your family data file (.beanpod) is encrypted on your device before it leaves your browser, using AES-GCM encryption with a key that only you control. we never see the unencrypted contents.

  • encryption: your data is encrypted locally using the Web Crypto API (AES-GCM) before upload
  • your key, your control: the encryption key is derived from your passphrase and never leaves your device
  • google's role: Google Drive acts as a storage medium only — we access only the app-specific folder created by beanies.family
  • OAuth scopes: we request only drive.file scope, which limits access to files created by our app
  • revocable: you can disconnect Google Drive at any time from Settings, and revoke access from your Google account

google authentication

when you sign in with Google, we receive basic profile information (name, email, profile picture) from Google's OAuth service. this information is:

  • stored only in your browser's local session
  • used solely to identify family members within your local data
  • never transmitted to or stored on our servers
  • cleared when you sign out

cookies

beanies.family does not use cookies. we don't use tracking cookies, advertising cookies, or any third-party cookies. Plausible Analytics is also cookie-free.

third-party services

the only third-party services the app connects to are:

  • Google Fonts: to load the Outfit and Inter typefaces
  • Plausible Analytics: privacy-friendly, cookie-free analytics
  • Google Drive: only if you explicitly enable it — encrypted data only
  • Google OAuth: only when you choose to sign in
  • ExchangeRate API: to fetch currency exchange rates — no personal data is sent

data portability & deletion

  • export: you can export your family data file at any time from Settings
  • delete: clearing your browser data removes all local data. if you use Google Drive sync, you can delete the .beanpod file from your Drive
  • no lock-in: your data is yours — we provide export functionality so you're never trapped

children's privacy

beanies.family is designed for families, which may include children. since all data is stored locally on the parent's or guardian's device and we collect no personal information, there is no data processing of children's information by us. the family owner controls all data.

security

  • encryption at rest: local data is encrypted in IndexedDB
  • encryption in transit: Google Drive files are AES-GCM encrypted before upload
  • no server-side data: there is no server to breach — your data lives only on your devices
  • open source: our code is publicly auditable on GitHub

changes to this policy

if we make changes to this privacy policy, we will update the "last updated" date at the top of this page. since beanies.family is open source, you can also review changes in our GitHub repository.

contact

if you have questions about this privacy policy, please reach out via our homepage or open an issue on GitHub.