Prism Finance
100% Cryptographically Guaranteed Privacy

Privacy & Security Whitepaper

At Prism, we believe your personal finance details are your business. We protect your wealth data through mathematically guaranteed encryption, not terms of service promises.

1. Zero-Knowledge Cryptographic Architecture

Prism utilizes a **Zero-Knowledge** architecture. This means our cloud servers and database administrators possess exactly zero visibility into your financial entries. When you log inflows, categorise budgets, or register expenses, they are processed locally inside your web browser's sandbox.

Your data is never transmitted to our Cloudflare workers or stored in the background D1 database in plaintext. Instead, it is compiled, encrypted client-side, and only then synchronized. We have no keys, backdoors, or administrative capabilities to decrypt or read your wealth planner.

2. Encryption Technical Specifications

We employ the browser's native **Web Cryptography API** to enforce industrial-grade encryption. Here is exactly what happens when you activate a Cloud Sync session:

  • Key Derivation (PBKDF2): Your master vault password is fed into a Password-Based Key Derivation Function 2 (PBKDF2) using SHA-256 with 100,000 iterations to derive a secure 256-bit cryptographic key.
  • AES-GCM 256-bit Encryption: Your IndexedDB financial records (paychecks, budgets, subscriptions, liability entries, and one-off costs) are serialized into JSON strings and encrypted using Advanced Encryption Standard in Galois/Counter Mode (AES-GCM) with a unique, cryptographically secure 12-byte initialization vector (IV) per record.
  • Encrypted Payload Synchronization: Only the resulting encrypted base64 payload strings and unique random IV salts are synchronized to the Cloudflare D1 Sync Worker.

3. Data Sovereignty & Portability

You have absolute sovereignty over your financial data.

  • IndexedDB Storage: All transactions are saved locally on your device in your isolated browser database.
  • JSON Backups: At any time, you can click "Export Backup JSON" inside the interface settings to instantly download your entire unencrypted financial portfolio to a local file.
  • Instant Vault Wipe: Clicking "Reset Workspace" inside settings completely purges all local databases, sync tokens, and cloud sync vaults in a single click.

4. Zero-Tracking Pledge

Prism does not sell data, track actions, or inject analytics:

  • No Third-Party Cookies: We do not drop advertising tracking beacons or cookies.
  • No Google Analytics: Your navigations are entirely private. We do not inspect your session flows.

5. Subscription Pricing & Transparency

We offer two honest billing cycles designed to support the development and sync infrastructure:

  • Lifetime Pass (£199): Paid once. Grants you a lifetime activation sync key valid for all current and future features. No recurring charges ever.
  • Flexible Monthly (£5.99/mo): Rolling monthly subscription. Billed monthly. Cancel at any time directly via your dashboard settings.

Upon checkout, your unique **Prism Activation Key** is emailed to you instantly. This key is used in your setup wizard `/setup.html` to authenticate and register your encrypted vault profile.

Ready to secure your personal finances?

Unlock your wealth commander under a zero-knowledge cloud vault E2EE guarantee.
