We see the transactions. We never touch the money.
Helm is built read-only. There is no pathway — technical or legal — for us to move funds out of your account. That's the whole design.
Read-only bank access
All bank data flows through Teller, a bank-grade connectivity provider. Teller brokers a read-only connection: we request transaction history, Teller returns it, and that's the entire surface area. We don't receive your credentials, and we don't hold a token with any write scope.
Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256 on managed Postgres). Access tokens are rotated on a fixed schedule and scoped per account. Production database access is restricted to a single deploy key held in our infrastructure vault.
Data minimization
We pull the transaction fields needed to run the audit — date, amount, description, counterparty — and nothing else. We don't store account numbers, and we don't request balance sheets, statements, or any line item that isn't on the daily ledger.
What you control
- Disconnect your bank from the dashboard; the token is revoked within seconds.
- Request a full data export at any time (JSON + CSV).
- Delete your account and all associated data; honored within 30 days.
Questions
Security disclosures: support@helmhelps.com.