Your bank account stays out of reach
Viollet was designed to avoid the riskiest part of finance apps: asking for bank usernames and passwords. We work from notifications, not direct bank access.
Security choices users can understand
The security model is easier to reason about because Viollet avoids direct banking credentials and keeps the product scoped to authorized financial notifications.
No bank passwords
You never enter bank credentials in Viollet. Your bank login stays between you and your bank.
Authorized email only
Viollet processes notifications from the institutions you select and does not organize your personal email.
User control
You can change selected institutions, disconnect Gmail, or stop forwarding notifications.
Honest limits
No online service can promise absolute security, so Viollet keeps access narrow and data handling practical.
Source restrictions
Processing is centered on notification senders and selected institutions, not broad inbox browsing.
Operational logging
Errors and sync events can be logged for reliability without turning logs into a place for unnecessary personal data.
Provider boundaries
Hosting, database, auth, and email providers are treated as infrastructure boundaries with explicit responsibilities.
Practical recovery
If a bank changes its email format, processing can be adjusted without asking for direct bank access.
What this means in practice
These are the practical boundaries that make the product easier to trust during the beta.