Security is shared
Security is a shared responsibility. Monario protects the service and vault design, while users must protect their account, device, encrypted backups, and vault password.
Monario local encrypted vault
Monario keeps financial data in a private encrypted vault on the user’s computer. A free account may be used for activation and access management, but local vault financial data is not synced unless the user enables Monario Plus sync. The desktop runtime owns local vault creation, unlock, save, backup, and export.
Monario Plus encrypted sync
Monario Plus stores an encrypted synced copy so a user can use Monario on the web, keep desktop in sync, and prepare for future mobile sync. Vault records are encrypted before upload and decrypted locally by the user’s device.
No clear financial data in app database
Monario’s app database should contain normal account metadata, auth metadata, billing/subscription metadata when applicable, sync metadata, and encrypted sync blobs for Monario Plus users. It should not store clear transactions, balances, budgets, account names, CSV imports, categories, or notes.
What Monario can and cannot see
| Data type | Stored where | Can Monario read it? |
|---|---|---|
| Account email/auth metadata | Auth provider/app database | Yes |
| Mandatory auth/security logs | Auth provider/app database | Yes, minimized security metadata only, no financial vault data |
| Subscription/billing metadata, if paid plans are enabled | Payment provider/app database | Yes, limited metadata |
| Support messages and attachments | Support/email systems | Yes, if user sends them |
| Monario local vault financial data | User computer/device | No |
| Exported .mvault backups | User-controlled file storage | No, unless user shares the file/password |
| Monario Plus encrypted sync vault | Sync storage/app database | No clear financial data, encrypted before upload |
| Analytics events, if enabled | Analytics provider/app database | Yes, minimized product events only, no clear financial data |
Password responsibility
Your vault password protects your vault and is separate from your account password. If you lose the vault password and do not have another unlocked copy or recovery method, vault contents may be unrecoverable.
Export and backups
Monario users should export encrypted .mvault backups manually. Monario Plus adds automatic encrypted backup and sync, but users should still understand where local copies exist and verify restore flows before relying on them.
Secure transport
Monario uses HTTPS/TLS for transport between browsers and service infrastructure. Secure transport protects data in transit but does not replace vault encryption or device security.
Database access controls for user-owned records
Database-level access controls are used for user-owned metadata and encrypted sync records. Access policies should isolate user records and prevent one signed-in user from reading or writing another user’s rows.
Auth and security audit logs
Monario keeps mandatory auth/security audit logs separately from optional product analytics. These records support account integrity, abuse prevention, and security investigation.
Auth/security audit logs are minimized and should not include financial vault data, account names, transaction descriptions, CSV content, notes, raw user agents, or browser-supplied IP addresses.
No service-role keys in browser
Service-role keys and other privileged server secrets must not be exposed in browser-delivered code. Browser code should use public client configuration only, with server-side privileges reserved for trusted server contexts.
Incident response process
Monario maintains an incident response process for confidentiality, privacy, and security incidents. The process includes triage, containment, impact review, remediation, documentation, and user or regulator notice when required by applicable law.
Architecture summary
Monario vault: user computer -> encrypted local vault -> optional encrypted .mvault backup. Local vault financial data does not require server sync.
Monario Plus encrypted backup and sync: user device -> encrypt locally -> encrypted sync storage -> web or another device decrypts locally.
Important limits
- No system removes every risk.
- Encryption reduces risk but does not remove every risk.
- Users must protect account credentials, devices, exported .mvault backups, and vault passwords.
- Users should review imported CSV data and exports before relying on reports.