Hi, my name is Grace Xue, the founder of Who Stole My Money. When it comes to personal finances, it is only reasonable for us to be sensitive about it. Nobody wants to let everyone know how much they earn, or the exact details of their spending. At Who Stole My Money, we understand the importance of keeping our members' information private and secure, and have put real measures in place since the day Who Stole My Money was just a concept. All of us here at the Who Stole My Money team use the system for our personal money management, so it's fair to say that it is only in our own best interests to have the toughest privacy and security measures possible.
Along with others, I have been working through all aspects of the design, implementation and management of the website, and I can personally guarantee you all of the following:
- Bank level security is ensured. All accounts are protected using 128bit SSL encryption (same as online banking), this means the data you provided to the site can not be read by any third parties (e.g. hijacked by someone). Your password is one-way encrypted and not readable by anyone (not even our staff). This is the reason why if you forget your password, you have to reset it instead of simply retrieving it, because a one-way encryption does not allow the content to be decrypted.
No banking or credit card information is stored in our
system. When the system receives your transactions, it
first strips out any information that are irrelevant for analysing your
finances before inputting them into the database. That is, your bank
account and credit card number, your bank balances are all stripped out. The only information that's imported are the date, amount and
description of a transaction.
All credit card payment is processed through DPS (Direct
Payment Solutions), so no credit card details are stored in our
- Any information and/or data you provide is yours and belongs to you. Our job is to help you understand and transform your data into knowledge, so you can make better financial decisions. We do not access your information for any reason (unless it's authorised by you for support purposes).
- We've gone the extra mile to ensure privacy. Information that can be used to identify you personally is encrypted so no one (not even our staff) can find out who you are. Your personal details and your transactions are also completely separate which means no one can find out whom a particular transaction belongs to.
- We don't believe in "data exchange". We will not sell, rent or exchange your personal identification to third parties. We are independent from the government and will not share or release a member's personal or financial information to anyone (unless it's required by law).
- Responsible email communication. Our target is to send bi-monthly newsletters to keep you posted with all the latest site updates and feature enhancements. From time to time, we also help local communities and will include charitable events in the newsletter.
a. You have full control of what to receive; email configuration is just a button click in your membership settings page.
b. All newsletters are sent automatically by the server, so your personal identity is not revealed.
I hope the above answers some of the questions you may have. If there's anything else on your mind or you'd just like to make a comment, please do not hesitate to do so. Our goal is to make the site work for YOU, and all feedback is welcomed and much appreciated.