State of Things · Last updated: 8 June 2026
In short. State of Things is a private, self-hosted application that one individual uses to track their own net worth. It is not a public or commercial service. Your financial data lives on a privately operated server, is never sold or used for advertising, and bank access happens only with your explicit consent through a regulated provider.
This application is operated by a private individual (the “Operator”), who is the data controller for the purposes of the EU General Data Protection Regulation (GDPR):
app.stateofthings.netState of Things is a personal-use, self-hosted project. It is operated by an individual for their own personal and household financial management. It is not offered to the public, is not a commercial product, and there is no plan to deploy it publicly at this time. Access is limited to the Operator and to any individuals the Operator explicitly invites (see “People you invite” below).
| Category | Examples | Source |
|---|---|---|
| Account & identity | Name, email address and profile picture from your Google account; access role (owner / editor / viewer) | Google Sign-In (OAuth) |
| Bank account information | Account name, account type, currency, masked account number (IBAN), and the current account balance | Your bank, via Enable Banking (only after your explicit consent) |
| Financial records you manage | Net-worth figures you enter or sync (cash, investments, real estate, mortgages and related notes) | You, and synced bank balances |
| Technical / session | A short-lived session identifier (cookie), and basic server logs | Your use of the application |
Exchange-rate data is fetched from a public rates service (Frankfurter). Only currency codes and dates are sent for this — never any personal or financial information about you.
When you connect a bank account, you are redirected to a service provided by Enable Banking Oy, a licensed Account Information Service Provider regulated by the Finnish Financial Supervisory Authority (FIN-FSA). You authenticate directly with your own bank and grant consent there. This application never sees or stores your online banking username, password, or login codes. It receives only the account information listed above. The access consent is time-limited (typically up to ~90 days) and you can withdraw it at any time by disconnecting the bank inside the app, or through your bank.
Your data is not sold, rented, or used for advertising. It is shared only with the service providers strictly needed to make the application work (acting as processors or independent controllers as applicable):
Some of these providers (e.g. Google) may process data outside the European Economic Area; where they do, they rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses.
The application includes an optional sharing feature. If the Operator invites another person (for example to view or edit a portfolio), that person’s Google name and email are processed to manage their access. Invited people can ask the Operator to remove their access and associated identity data at any time.
You have the right to: access your data; correct it; have it erased; restrict or object to its processing; receive a copy in a portable format; and withdraw consent at any time (withdrawal does not affect processing that already took place). To exercise any of these, contact info@stateofthings.net.
You also have the right to lodge a complaint with a data-protection supervisory authority — in the Czech Republic, the Office for Personal Data Protection (Úřad pro ochranu osobních údajů, uoou.cz), or the authority in your country of residence.
This application is not directed at children and is not intended for use by anyone under 16.
This policy may be updated as the application evolves. The “Last updated” date at the top reflects the latest version.
Terms of Use · Back to the app
State of Things is a private, non-commercial project operated by an individual for personal use.