Zero Data Storage

Your financial data lives only in your Google Sheets. We never store, process, or have access to your sensitive information.

WalletMap dashboard rendered live from the user's own Google Sheets
Every number on the dashboard is streamed from your own Google Sheets (demo data)

Why Zero Storage Matters

Full ownership — your data is in your Google Drive, accessible only by you
No data breaches possible — we can't leak what we don't have
GDPR-friendly by design — no personal financial data on our servers
Data persists after account deletion — your spreadsheet stays in your Drive forever

How It Works

1

Sign in with Google

When you sign in, we request permission to create and edit a single Google Sheets spreadsheet in your Drive.

2

Spreadsheet auto-created

A dedicated spreadsheet is automatically created in your Google Drive. This is where all your asset data will live.

3

Read and write directly

Every time you add, edit, or view assets, we read from and write to your spreadsheet in real time. Our servers act only as a pass-through.

4

Verify anytime

Open Google Sheets directly to see your raw data. What you see there is exactly what the app uses — no hidden copies, no server-side databases.

Architecture Deep Dive

WalletMap uses a BFF (Backend for Frontend) architecture where the Next.js API routes communicate directly with the Google Sheets API. When you request your dashboard, the server fetches data from your spreadsheet, enriches it with live market prices, and sends it to your browser. At no point is your financial data persisted on our infrastructure. Even our database only stores your basic Google profile (name and email) for authentication purposes.

Why we picked Google Sheets over Plaid or Yodlee

Honestly, the very first option we ruled out when planning WalletMap was wiring up Plaid or Yodlee. Look at how those bank-aggregation services work and you'll see the cost: users hand over banking credentials or an OAuth token to the aggregator, the aggregator pipes structured data into your backend, and your backend — for the sake of a snappy UX — almost certainly caches that data in its own database. Mint, Personal Capital, YNAB all do this. Net effect: the user's transaction history lives in their bank, plus a copy at the aggregator, plus another copy at the app vendor.

We didn't want that architecture, so from line one of code the financial data has lived in the user's own Google Sheets. In practice, sign-in only requests two OAuth scopes: `drive.file` (limited to files this app creates) and `spreadsheets` (read/write that file). We literally cannot read other docs in your Drive, can't see your Gmail, can't touch other spreadsheets. The scope restriction isn't a promise — Google's OAuth consent screen enforces it.

From a privacy-law angle, this design clears GDPR's data-minimization and storage-limitation principles almost for free. There are no bank balances on our servers, no holdings, no wallet addresses. So there's no "data breach" scenario to worry about with respect to financial data. The most we could leak is your Google display name and email — which is the minimum OAuth gives us at sign-in anyway.

Honest tradeoff: because data is fetched live from Google Sheets each time, performance ceiling is lower than if it sat in our own Postgres. We use Redis caching, batched reads, and pagination to compress that gap, but the ceiling is real. It's also why WalletMap isn't right for high-frequency use cases that need sub-second refresh. For personal asset tracking, accuracy and privacy matter more than millisecond latency — that's an opinionated call, not a technical limitation.

FAQ on zero storage

If I delete my WalletMap account, does my data go with it?
No. Your spreadsheet lives in your own Google Drive. Deleting your WalletMap account only removes your login info (email, name) and the OAuth grant from our database. The sheet itself stays in your Drive — you can keep editing it directly in Google Sheets or import it into another tool.
Can I use WalletMap offline?
No. Because data is read and written live from Google Sheets, no network means nothing works. The flip side: you can always open the Google Sheets app offline and see your spreadsheet directly — that's where the data actually lives. We outsource the offline experience to Google, which is a side effect of this architecture.
How does this compare to bank-linked apps like Mint or Personal Capital?
The difference is where the data sits. Those apps cache your transaction history on their servers, so the UX is smoother but the attack surface is larger. WalletMap takes the manual-entry route, trading some convenience for the fact that we don't hold your financial data. If breach exposure matters to you, the trade-off makes sense.
What if your servers get hacked?
Our Postgres only stores Google profile data (email, name, avatar URL) and your OAuth refresh token. Worst case, that token leaks — but its scope is limited to the single spreadsheet we created in your Drive, not anything else. You can revoke WalletMap's authorization in Google account settings, which kills any leaked token instantly.

Explore Other Features

Multi-Asset Tracking
Real-Time Quotes

Ready to Take Control of Your Assets?

Start tracking your assets with complete privacy. Your data never leaves your Google Drive.