Skip to main content
PricingCompanyArticlesSign inGet started free
Get started free

Back to articles

Guide

Era's privacy model: your data, your control

Era Team

Product

"Is it safe to connect my bank to AI?" Yes. But you should not take our word for it. Here is exactly how Era handles your financial data — what we store, what we never store, what your AI can see, and how you stay in control at every step.

What Era connects to and how

Era connects to your bank through MX, a regulated financial data aggregator that works with thousands of financial institutions. When you link a bank account, you authenticate directly with your bank through MX's secure connection flow. Era never sees, handles, or stores your bank credentials — username, password, security questions, or multi-factor codes. Those stay between you and your bank.

The connection uses OAuth where your bank supports it. You grant MX permission to access specific account data, and MX provides that data to Era. You can revoke this permission at any time through Era or directly through your bank.

What your AI can see

When you connect an AI agent to Era Context, it does not get raw access to a database. It sees structured financial summaries: account balances, transaction lists with merchant names and categories, spending breakdowns, recurring charges, and the financial context you have shared (goals, preferences, notes).

Here is what your AI can access:

  • Account balances — current balances for your connected accounts.
  • Transaction data — merchant name, amount, date, category, and any tags you have applied.
  • Spending analysis — breakdowns by category, time period comparisons, cash flow summaries.
  • Your financial context — goals, preferences, and facts you have told any connected AI agent (stored in Era's cross-agent memory).
  • Automation rules — the rules you have created and their activity.
  • Activity log — a record of everything Era Context has done on your behalf.

Your AI accesses this data through Era Context's 33 MCP tools. Every tool call is a discrete, authorized action — not a bulk data dump.

What never leaves Era

Some data never reaches your AI agent at all:

  • Bank credentials — never stored by Era, never accessible to any agent.
  • Full account numbers — your AI sees masked account identifiers, not full account or routing numbers.
  • Raw database rows — your AI receives structured summaries, not unfiltered data exports.
  • Other users' data — your financial data is isolated to your account. No agent, no employee, and no other user can access it.

OAuth consent: you choose what to share

Every AI agent that connects to Era Context goes through an authorization step. You explicitly grant each client permission to access your financial data. This is not a blanket "connect everything" switch — you authorize each client independently.

Want Claude to have access but not ChatGPT? That is your choice. Want to give Cursor read-only access for quick balance checks but full access to Claude for rule creation? You control the scope.

Each connection is independent. Authorizing one client does not authorize any other. And revoking one does not affect the rest.

Revoke any agent, any time

If you change your mind about a connected AI agent, you revoke its access instantly. No waiting period, no "please contact support," no data retention after disconnection. Revoke access, and that agent can no longer query your financial data.

This applies to every connected client — Claude, ChatGPT, Cursor, OpenClaw, or any other MCP-compatible tool. You stay in control of which agents have access at all times.

The activity log: full audit trail

Era Context maintains a complete activity log of every action taken on your behalf. Every time an AI agent queries your balance, searches your transactions, creates a rule, or modifies a tag — it is recorded.

The activity log shows:

  • What happened — the specific action taken.
  • When it happened — timestamp for every event.
  • Which agent did it — so you know if it was Claude, ChatGPT, or another client.

This is not a hidden system log. It is a feature you can access at any time within Era Context. If you ever wonder what an AI agent did with your data, the answer is there.

What Era never does with your data

Some commitments are absolute:

  • Your data is never sold. Not to advertisers, not to data brokers, not to anyone.
  • Your data is never used for advertising. Era does not serve ads, and your financial data is never used to target ads on any platform.
  • Your data never trains AI models. Your transactions, balances, and financial context are not used as training data for any machine learning model.
  • Your data is never shared without your explicit permission. No third party sees your financial data unless you have specifically authorized a connection.

Encryption and infrastructure

The technical specifics matter for people who care about them:

  • AES-256 encryption at rest — your data is encrypted when stored.
  • TLS 1.3 in transit — your data is encrypted when moving between your device, Era, and your bank.
  • Era Financial Advisors LLC is SEC-registered (CRD #334404). This is a regulated entity with compliance obligations, not a side project.
  • Brokerage services (when applicable) are provided through Alpaca Securities LLC, a FINRA/SIPC member.

Cross-agent memory and privacy

Era's cross-agent memory lets you tell one AI agent something and have every connected agent know it. "I am saving $500 a month for a house down payment" — tell Claude, and ChatGPT knows it too.

This memory is private to you. It is never shared with other users, never used to train models, and never accessible to anyone but your authorized agents. You can ask any agent to forget something, and it is removed everywhere — from Era's memory and from every connected agent's context.

You control what your agents remember. You control what they forget. The memory exists to make your experience better, not to build a profile for someone else.

Addressing the real concern

The question "is it safe to connect my bank to AI?" is really two questions.

"Is my bank connection secure?" Yes. Era does not store your bank credentials. The connection goes through MX, a regulated aggregator. You authenticate directly with your bank. You can revoke the connection at any time.

"Can I trust an AI with my financial data?" That depends on the controls. With Era, every agent requires explicit authorization. Every action is logged. You can revoke access instantly. Your data is never sold, never used for ads, never used to train models. And you can see exactly what every agent has done in the activity log.

Era does not ask you to trust blindly. It gives you the tools to verify.

Getting started

Create a free Era account at era.app. The Basic plan includes read-only MCP access for up to two accounts — enough to evaluate the security model yourself before committing to a paid plan.

Connect your AI agent using the MCP URL: https://context.era.app. Authorize it. Check the activity log. See exactly what happens.

Your data, your control. That is the model.