Effective 2026-05-06
OpinLabs (the “Service”) is a self-hosted personal finance and rental-property management platform operated by an individual administrator. By creating an account or otherwise using the Service you (“User”) agree to these Terms. If you do not agree, do not register and do not use the Service.
Access is invitation-only. Submitting a request through the registration form does not guarantee approval. The administrator may approve, deny, suspend, or terminate any account at their sole discretion, including for inactivity, abuse, or violation of these Terms.
You are responsible for keeping your password confidential and for all activity under your account. You must change the temporary password issued at approval on your first sign-in.
Every API route on the Service scopes records to the authenticated user’s identifier extracted from a signed session token. Other users — including users with the ADMIN role — cannot view, list, export, or modify your transactions, accounts, budgets, properties, documents, or notifications through the application.
What we will never do: sell, rent, or share your data with third-party advertisers, data brokers, or analytics vendors. Aggregate “leaderboards” or cross-user comparisons are not built into the product.
What you should know about self-hosting: the Service runs on infrastructure controlled by the administrator. The administrator holds operating-system and database-superuser credentials on the host machine and could, in principle, read row-level data directly from PostgreSQL outside the application. The administrator commits in good faith not to do so except (a) at your written request to debug an issue with your account, (b) to comply with a lawful order, or (c) to investigate suspected abuse of the platform. Tokens issued by financial institutions (Plaid, OFX, Questrade, email-scan credentials) are stored encrypted at rest using AES-256-GCM and are not human-readable from the database.
httpOnly, SameSite=Lax, and (in production) Secure.
127.0.0.1 on the host and reachable only through the reverse proxy or an authenticated SSH tunnel.
The Service runs an automated nightly backup of the PostgreSQL database and the MinIO document store. Backups are written to an off-volume directory on the host, encrypted with the administrator’s GPG public key, and retained on a rolling 30-day schedule. Older snapshots are pruned automatically.
Backups exist solely to recover from hardware failure or accidental deletion. They are not shared with third-party cloud providers and are not used to populate analytics, reports, or any other product surface. If you delete your account, backups taken before the deletion will age out within 30 days and your records will be removed from any future snapshots immediately.
userId are purged from the live database within 7 days, and aged out of backups within 30 days. Deletion is irreversible.
You agree not to upload another person’s data without their consent, attempt to access another user’s account, probe the Service for vulnerabilities outside a coordinated disclosure, or use the Service to violate Canadian or your local law. Violation may result in immediate termination.
The Service integrates with Plaid, Questrade, OFX banking endpoints, IMAP email providers, Resend (transactional email), and the Anthropic and Google generative-AI APIs (used by the in-app Copilot at your explicit request). When you use these features your data is transmitted to the relevant provider under their terms. The Copilot does not train on your data; prompts are not retained by Anthropic or Google beyond their standard processing window.
The Service is provided “as is” for personal and household financial-management use. It is not a regulated financial advisor, tax preparer, accountant, or broker-dealer. Numbers shown — including ROI projections, tax estimates, and budget forecasts — are informational only. Verify with a licensed professional before making decisions.
To the maximum extent permitted by law, the administrator is not liable for indirect, incidental, or consequential damages arising from your use of or inability to use the Service.
We may update these Terms when meaningful changes are made to the Service. The version shown above changes whenever the document is revised. If a revision materially affects your rights, you will be asked to re-accept on next sign-in.
Questions, deletion requests, and security disclosures: maxime.joseph@hotmail.ca.
See also our Privacy Policy.