If you’re one of the rare breed that actually reads the fine print of a user agreement, you’ll see that Wave is guided by "10 internationally recognized privacy principles." “What are they?” you might wonder.

Here goes:

  1. Accountability Under this principle, we pledge to be responsible for your personal information, and we put someone at Wave on the hook for this pledge. That person happens to be me. If you ever have concerns about your privacy, I’m the guy who promises to sort it out. Sending a note to privacy@waveaccounting.com comes right to my desk.
  2. Identifying Purposes We tell you why we need the info we’re asking for. You’ll find those details spelled out in the Privacy Policy. The short version, though, is that all the information we ask you share with us gets used to tweak the information you see in Wave, to make things easier, or to provide you with value. Some information shapes the savings opportunities you’ll soon see in Wave, but your personal details never get passed to anyone.
  3. Consent Wave tells you why we need the info we’re asking for, and gets your permission. We don’t find a back door to learn about you or your business. We only collect info directly from you, or from others (like your bank) that you permit us to connect with. You can also change your mind, and withdraw your consent (i.e., close your account) whenever you want.
  4. Limiting Collection We only ask for info that is needed to provide you with the service we’ve promised.
  5. Limiting Use, Disclosure, and Retention We only use the info in the way we said we would. We don’t share that info unless you explicitly know about it. If we keep any info on record, we make it clear what that is, and we give you a way to have it removed.
  6. Accuracy This internationally recognized principle usually deals with the accuracy of information about you that is shared with others, or that is used to make decisions about you. Since Wave never shares your info, and isn’t making any decisions about you, it doesn’t apply to our relationship with you in the normal way. Also, since you’re the one entering information into Wave, and since we never look at your private accounting unless you explicitly invite us to, most of the burden of accuracy lies with you. But to the extent that we do any number crunching, we pledge to make the information as accurate as we can.
  7. Safeguards This one is pretty straightforward. Your information is sensitive, so we handle it very carefully. The more sensitive, the more care. Since we’re talking about your money here, rest assured that Wave and our partners treat your info very, very, very carefully indeed.
  8. Openness We don’t hide details from you. If you want to know what we collect and why, for instance, we’ll tell you. No secrets or roadblocks.
  9. Individual Access This principle usually means that we’ll tell you what info we have about you. In the case of Wave, since we only have info that you’ve provided, you pretty well know the answer already.
  10. Challenging Compliance This means that if you have a concern about your privacy, we’ll listen, and we’ll answer. And if you don’t like the answer, we’ll give you something you can do about it. In practical terms: You can cancel your account and have all your data wiped out. Or you can complain to TrustE, one of the organizations that certify our privacy practices.
That’s a pretty big batch of info to absorb already. If you want more, I’ll say that:

These 10 points come from the Canadian Standards Association’s (CSA) Model Code for Privacy. The code is modeled on the OECD fair information practices.