This is the final post in our series on how Gylder works. In the previous post, we covered security. Now let's talk about privacy — specifically, your rights under GDPR and how Gylder respects them.
Built for GDPR from day one
Gylder wasn't retrofitted for GDPR. It was designed with European privacy regulations as a core requirement from the very beginning. This means privacy isn't an afterthought or a compliance checkbox — it's embedded in how the product works.
Your right to access (Article 15)
You have the right to know exactly what data we hold about you. Gylder makes this easy with a one-click data export. From your settings, you can download a complete JSON file containing:
- Your profile information
- All connected accounts
- Your financial facts (balances, positions)
- Your net worth history
- Your transactions
- Your manual entries
- Your alert preferences and history
This export gives you a full picture of everything Gylder stores, in a machine-readable format you can inspect, audit, or import elsewhere.
Your right to erasure (Article 17)
You have the right to permanently delete your account and all associated data. Gylder provides this directly in your settings — no need to email support or navigate a maze of confirmation screens.
When you delete your account:
- All your financial data is permanently deleted and cannot be recovered
- Your encryption key is destroyed — making any remaining encrypted data mathematically unreadable
- Stripe invoices are retained for 7 years as required by Dutch tax law, but contain no financial data about your connected accounts
This is a genuine, irreversible deletion — not a soft delete that hides your data while keeping it on our servers.
Cookie consent
Gylder uses essential cookies to keep you logged in — these are necessary for the app to function and don't require consent.
We also use Google Analytics to understand how our website is used (which pages are visited, how users navigate). This is not loaded by default. You'll see a clear consent banner with two options:
- Essential only — Only functional cookies, no tracking
- Accept all — Enables Google Analytics alongside essential cookies
If you choose "Essential only", no analytics code is loaded at all. Your choice is stored locally and respected on every subsequent visit. We don't use dark patterns, pre-checked boxes, or confusing language to nudge you towards accepting.
No third-party data sharing
Your financial data is never shared with, sold to, or accessible by any third party. This applies regardless of your cookie choice — analytics cookies track page visits, never financial data.
We don't work with data brokers, advertisers, or any partner who would receive your personal or financial information.
Bilingual legal documents
Our privacy policy and terms of service are available in both English and Dutch, with an easy toggle between languages. This ensures you can read and understand your rights in the language you're most comfortable with — a requirement we take seriously under GDPR Article 12 (clear and plain language).
Your data stays in the EU
As covered in the previous post, all data is stored within EU data centres. This means your data is subject to European data protection law and benefits from the protections that come with it.
The bottom line
Privacy isn't a feature you enable — it's how the product works by default. Gylder collects only the data it needs to show you your finances, stores it securely, gives you full control over it, and deletes it completely when you ask.
If you have any questions about your data or privacy, you can reach us at support@gylder.nl. Our full privacy policy is available at gylder.nl/privacy.
This was the final post in our "How Gylder Works" series. If you've followed along from the beginning, you now know how every piece of the platform fits together — from connecting your first account to understanding how your data is protected. Thanks for reading.
Start from the beginning: Why You Need One Dashboard for All Your Money →
