"Zero-knowledge" here is a design claim about who can decrypt, not a marketing adjective. In a true zero-knowledge design, the server stores only ciphertext and wrapped keys; the key that unlocks them is computed from your password at sign-in and never persisted in the clear.
How Finlynq applies it — and the honest limits
Finlynq encrypts name-like fields (payees, notes, tags, account names, category names, budget names) with a per-user key derived from your password, so the operator cannot read them. It is not a blanket claim about every byte: numeric amounts, dates, and IDs are stored unencrypted because the database needs them to compute totals and run queries. Finlynq states this trade-off plainly rather than overclaiming.
The practical consequence of a key derived only from your password is that there is no operator-side recovery. If you forget your password and have no backup, the encrypted fields cannot be restored — by you or anyone else.