How It Works Pricing FAQ
Log In Get Started

Bank-Grade Security

Your financial documents are protected with enterprise-level encryption and security measures. We process thousands of bank statements while maintaining the highest security standards.

AES-256 Encryption

All files encrypted at rest using military-grade AES-256 encryption

TLS 1.3

256-bit encryption for all data in transit to and from our servers

24-Hour Deletion

All uploaded files automatically and permanently deleted within 24 hours

US Data Centers

All data processed and stored exclusively in US-based facilities

Data Encryption

Encryption at Rest

All uploaded bank statements and converted files are encrypted using AES-256, the same standard used by banks and government agencies worldwide.

Encryption in Transit

All communications between your browser and our servers use TLS 1.3 with 256-bit encryption. Your data is never transmitted unencrypted.

Secure Key Management

Encryption keys are managed using industry best practices with regular rotation and secure storage separate from encrypted data.

Infrastructure Security

US Data Centers

Our infrastructure is hosted in ISO 27001 certified US data centers with 24/7 physical security, biometric access controls, and CCTV monitoring.

Network Security

Enterprise-grade firewalls, DDoS protection, and intrusion detection systems monitor and protect our infrastructure around the clock.

Regular Audits

We conduct regular security assessments, penetration testing, and vulnerability scans to identify and address potential security issues.

Data Handling

Automatic deletion - Files permanently deleted within 24 hours
No data sharing - Your documents are never shared with third parties
No AI training - Documents never used for machine learning or AI training
Minimal retention - We only keep what's necessary to provide the service
US jurisdiction - All data subject to US data protection laws

Compliance & Certifications

CCPA Compliant

Fully compliant with the California Consumer Privacy Act.

SOC 2 Infrastructure

Our data centers maintain SOC 2 Type II certification for security and availability.

ISO 27001 Infrastructure

Our data centers maintain ISO 27001 certification for information security management.

NIST Framework

Aligned with NIST Cybersecurity Framework requirements for data protection.

Access Controls

Role-Based Access

Strict access controls ensure only authorized personnel can access systems, with permissions based on job requirements.

Multi-Factor Authentication

All administrative access requires multi-factor authentication, adding an extra layer of security.

Audit Logging

Comprehensive logging of all system access and changes, maintained for security review and compliance.

Incident Response

We maintain a comprehensive incident response plan to handle potential security events:

  • 24/7 security monitoring and alerting
  • Defined escalation procedures and response team
  • Customer notification within 48 hours of confirmed breach
  • Regular incident response testing and drills
  • Post-incident analysis and improvement processes

Questions About Security?

We're happy to discuss our security measures in more detail. Contact our security team for more information.

Contact Security Team

Related Documentation

Privacy Policy How we collect and use your data Data Retention (ZDR) Our 24-hour zero data retention policy Data Processing Agreement Terms for data processing Terms of Service Service terms and conditions