Protecting your data is our highest priority. Your data is safe. We don’t and never will sell your data.
Frequently Asked Questions
The following answers address the most frequently asked questions when it comes to the security of linking your account to Ziggma. Don’t find what you’re looking for? Simply shoot an email to [email protected].
Does Ziggma sell my data?
We have never and will never sell user data. Rather, our business model consists of a software-as-a-service proposition. We earn income by charging a small monthly or annual fee for the features and insights provided on the Premium plan.
What kind of encryption protocols do you employ to protect user information?
Your data is encrypted at at rest and in transit. Our databases and files are stored in US-based Amazon (AWS) servers benefitting from state-of-the-art encryption. Data is encrypted while sitting idle and when backed up. This protects against unauthorized copying, transfer or retrieval of user data. Even if an individual managed to acquire a backup of the database, it would be futile, as they would lack the necessary decryption key to access its contents. Your data is also encrypted when in transit from our servers to your browser. All pages are HTTPS (HyperText Transfer Protocol Secure) which ensures secure communication over a computer network, providing encryption and secure identification.
How secure is linking my investment account to Ziggma?
Nowadays, linking your account is highly secure. Account aggregation providers employ modern, safe frameworks like OAuth and open banking APIs with virtually all of the major brokers and banks. In particular, OAuth protocol eliminates the sharing of login credentials altogether. So you can link your account to an app like Ziggma with ever having to provide your log in credentials with anyone.
When linking my account for portfolio tracking and optimization, does Ziggma view my account credentials?
Simple answer: No. Ziggma uses third party financial account aggregator services – primarily Plaid and Snaptrade – to connect your brokerage account or 401(k) to Ziggma. In fact, no other party will come in touch with your login credentials. Today, virtually all of the largest brokers, such as Fidelity, Robinhood or Charles Schwab, use modern OAuth protocol to establish the connection. By establishing a token, OAuth eliminate the need for sharing login credentials altogether. In the few remaining cases, your credentials are directly sent to the respective service, they never enter our systems.
When I delete my account, what happens to my data?
When you delete your account, we delete all your data from our database. This includes, when applicable, terminating account connections with brokers and banks. Third party account aggregators are notified automatically.
Where is my data stored?
Our servers are hosted by Amazon Cloud services – located in the United States. Your data is consistently stored in the United States.
What are the risks if Ziggma’s servers were breached?
If Ziggma’s servers were to be breached, your broker login credentials are safe for the simple reason that Ziggma never comes in touch with them. Moreover, all your data in Ziggma is encrypted on Amazon servers. In the very unlikely event that someone managed to hack into the Amazon cloud, the data would be useless without the key to decrypt it. A data breach when data is in transit is prevented by using HTTPS on all pages to ensure browsers always employ a secure connection.