Ideals, ethics, and values

These are the guiding principles used while building Budget Zen.

There are some ideals, ethics, and values which are important and guide how Budget Zen is developed. Here's a list of the most important of them:

  1. End-to-end encryption
  2. No tracking in websites, apps, or emails
  3. Open Source

All of these can really just be extrapolated from a simple "data is toxic and dangerous" guideline, and I'll expand on each:

1. End-to-end encryption

No matter the method, it's important that all data is only readable by the final client. It's great when data can be stored only locally, but if it needs to be stored remotely (for synchronization or device sharing, for example), then it shouldn't be stored in a way that's accessible to the service or server providers.

That distinguishes a service like Budget Zen or Seven23 from others like YNAB or Mint which keep your credentials (like username and password) in a way that their services need to access, so they can connect to your financial services or providers and pull and push data.

2. No tracking in websites, apps, or emails

Tracking is creepy. It doesn't matter if we're talking about the physical or digital world. I understand the need for knowing if a certain landing page or app feature or email is more effective than something else, but the data you can get when you enable tracking in all of these is misleading and doesn't tell you much more than a simple "visits count" for your pages, while costing your customers valuable privacy (and often your own too).

Analytics here exist only on the server-side for having a "close-enough" number of people visiting (because bots will push that up a bit). It doesn't include any information other than the page visited. Not even the IP or user agent of the person making the request is sent, seen, or stored.

While, by design, Budget Zen sends you no emails, I might personally and manually email you if there's any issue, or in response to an enquiry from you, for example. None of these emails ever track if they were seen, opened, or clicked.

3. Open Source

It's hard to claim true Privacy and end-to-end encryption without exposing your source code for scrutiny. While having your source code available doesn't mean it should be Open Source, it's generally a better invitation to reporting security vulnerabilities, asking questions, and suggesting improvements to your application when you license your code in a way that makes it qualify as Open Source.

If you need help choosing an Open Source license for your end-to-end encrypted app, I've written about that before.

Note that having your source code Open Source or available isn't really enough, though many companies think so. In my opinion, Open Source code should be simple, readable, and easily maintainable.

That means that it should be documented and not unnecessarily complex, for example.

With Budget Zen, I took it a bit further than that and also migrated the source code from Next.js (React) to Deno and vanilla JavaScript for the client-side code (an article about that will be published here later).

It's harder to be simpler and more maintainable than pure Web Standards vanilla JavaScript client/browser code.

Data is toxic and dangerous

In summary, data is toxic and dangerous, and I don't want yours. If I need to keep it for your convenience, you bet I don't want to be able to read any of it.

When you store sensitive information that isn't end-to-end encrypted, it is only a matter of time before someone takes advantage of that fact.

And what else?

Other values I have are more related to personal preferences, and things that are harder to control all the time, but that I still try to achieve, like:

  1. Make more sustainable choices
  2. No "native" apps
  3. No vendor lock-in

1. Make more sustainable choices

I try to keep whatever I do as small as possible. When I do things, I try to think about them in terms of what will need the fewest resources to work.

I'm proud to have been able to partner with companies that are concerned about reducing their carbon emissions, and to have been able to strip down unnecessary code to be loaded/parsed when using the app or website.

2. No "native" apps

While related to the point above, this is more tied to the ethics around fighting monopolies and lack of choice or freedom (walled gardens). Budget Zen used to have "native" apps (built with React Native, Expo, or Electron), before it was end-to-end encrypted.

That source code and some apps are still available, but I decided to stick to Web Standards and build a Progressive Web App instead, allowing anyone to use it anywhere there's a browser capable of executing JavaScript.

3. No vendor lock-in

As a customer, I don't like to be locked in to a given provider or vendor. I like having choices, and how that pushes healthy innovation forward.

That's why it's very easy to export and import data in Budget Zen, and the file format is open.

It's also important that it's easy to cancel a subscription and delete your account, which is why those options are up front and very visible in your app's billing and settings pages.

Summarizing

Hopefully this gives you a good idea of how Budget Zen is developed and what you can expect:
Respect for Privacy.