Security
Keep your data protected.

We designed gini with advanced technologies that work together to constantly monitor, encrypt and update. Personal information is never stored on gini servers or backed up to cloud storage.

It's all about you.

gini only has permission to see where your money is going and when. It’s entirely up to you how much information you want gini to track.

From gini interface, neither you nor anyone who might get into your gini account can move or withdraw money.

We understand.

As users ourselves, we value security as much as you do. To make sure your sensitive data is safe at every step of the journey, it never leaves your device. To protect your identity, we never ask for any of your personal identifiable information.

1
Read-only data

Your privacy is our top concern. Valuable log-in credentials and personally identifiable information are safely encrypted on your phone and NEVER on gini’s servers, making it the most private and secure personal finance management app in the world.

Read more about how we use aggregated data and our privacy practices in our Privacy Policy and Terms of Use.

2
Bank-level security
Your information is protected with the same security that banks use. All of our solutions use industry standard – 256-bit encryption. With Amazon Web Services’ SSL Certificates, we give you confidence that your device is securely connected to gini’s servers.
3
Private and secure

Hong Kong has some of the strictest ebanking and data privacy regulations in the world. These rules exist to keep you and your data safe, and gini is proud to have delivered a private and secure PFM service built from the ground up to satisfy local regulations.

We protect your identity and the security of your bank credentials by never receiving them, instead they are securely encrypted on your phone without ever touching our servers.

4
Simple and safe

Log in with your fingerprint securely and easily.

Are you the lucky owner of the new iPhone X series? We support Face ID.

 

Security FAQs
Q
Is it safe to connect my banks?
A

We take security as top priority and understand that financial data is highly private. When you sign up to the app we don’t ask for a name, address, HKID or anything personally identifying. Where possible, we keep all sensitive data on the users device as opposed to our server – and key information like bank log-in credentials never are stored on our service. In addition to this, gini is a read-only service so nobody can move money in or out of your account (including you)

Q
Does gini partner with any bank now?
A

We are a neutral and independent provider that exists to give users a fair and impartial application to manage all their finances without giving preferential treatment to any specific bank. To access the data, we are using a trusted third party data provider called eWise whose aggregation systems are used by banks like HSBC, Westpac and Barclays. In order to comply with HKMA regulations, we do not store your log-in credentials on our servers – instead they remain on your device only and are inaccessible to anyone within gini.

You can find specifics related to its security policies and practices on the eWise website.

Q
Why does gini need my banking login information?
A

Our business model relies on anonymised and aggregated user data, including transactions, to deliver personalised services. This transaction information does not include any personally identifiable information.

When you provide your bank username and password, this simply establishes a secure one-way read-only connection with your bank allowing gini to download your transactions, balances, and bill due dates on your behalf, securely and automatically. This connection is between your bank and your phone, and at no point do your username or password leave your device. This connection also does not allow for any transfers as it is read-only.

Q
Where does gini store the data?
A

We are fully compliant with all data protection guidelines in Hong Kong, and this will be outlined in detail in our privacy policy which we encourage all users to read closely. All personally identifiable information collected, including your username and password, are stored on your own device only and at no point touch our server. Storing the data on your own device rather than a service is a key component of our service being able to guarantee anonymity and security.

Download now