Assurance Center

How we protect your data — and the evidence to prove it.

Security Controls

Control Domains

Zero

Raw Data Stored

Data Handling

Data Transparency

What We Store

User account information (name, email)
Client metadata (names, industries, fiscal year-ends)
Aggregate diagnostic metadata (category totals, ratios, row counts)
Engagement records (narratives only, no line-level financial data)
Anonymized usage statistics

What We NEVER Store

Raw uploaded CSV/Excel files
Line-level trial balance rows or individual account balances
Individual journal entries, invoices, or payment records
Anomaly details tied to specific accounts or amounts

Security Architecture

How We Protect Your Data

Four stages. Every control documented. Zero raw data persisted.

Ephemeral Zone

Persistent Boundary

Ingest

Secure data entry

ephemeral

3 controls — click to expand

Authenticate

Identity verification

ephemeral

3 controls — click to expand

Process

Ephemeral analysis

ephemeral

3 controls — click to expand

Purge

Zero-Storage guarantee

persistent

2 controls — click to expand

Ephemeral Zone

Ingest

Secure data entry

ephemeral

Tap icon to view 3 controls

Authenticate

Identity verification

ephemeral

Tap icon to view 3 controls

Process

Ephemeral analysis

ephemeral

Tap icon to view 3 controls

Zero-Storage Boundary

Purge

Zero-Storage guarantee

persistent

Tap icon to view 2 controls

Zero-Storage: all raw data purged after analysis

Control Matrix

Security Control Inventory

19 controls across 5 domains, each mapped to its standard reference. Expand any domain to inspect.

Compliance

Standards & Certifications

Our compliance roadmap with artifact links for due diligence.

2024

GDPR

Compliant

EU General Data Protection Regulation

2024

CCPA

Compliant

California Consumer Privacy Act

2025

DPA

Available

Data Processing Agreement — Enterprise tier

Request DPA

2026

SOC 2 Type II

In Progress

Service Organization Control — Expected Q3 2026

GDPR

Compliant

2024

EU General Data Protection Regulation

CCPA

Compliant

2024

California Consumer Privacy Act

DPA

Available

2025

Data Processing Agreement — Enterprise tier

Request DPA

SOC 2 Type II

In Progress

2026

Service Organization Control — Expected Q3 2026

Incident Response

Preparedness Playbook

Our four-phase incident response posture. Zero-Storage architecture minimizes breach impact by design.

Detection

Phase 01

Automated monitoring and anomaly detection across infrastructure and application layers.

Structured logging with request-ID correlation
Sentry APM with Zero-Storage compliant error tracking
Rate limit breach alerting

Full playbook available on request for Enterprise accounts

Documents

Downloadable Artifacts

Review our policies and request compliance documents for your due diligence.

Privacy PolicyPolicy

Full GDPR/CCPA-compliant privacy disclosure.

Terms of ServiceLegal

Platform usage terms and liability framework.

Zero-Storage ArchitectureTechnical

Technical deep-dive into our ephemeral processing model.

Request DPAEnterprise

Data Processing Agreement available for Enterprise accounts.