Enterprise Security & Compliance

Security You Can Trust

We protect your most sensitive financial data with enterprise-grade security, comprehensive compliance, and complete transparency.

View Security Architecture

Built with Security First

Every layer of our platform is designed with security and compliance in mind.

Data Encryption

Industry-standard encryption at rest and in transit provided by our infrastructure partners Supabase and Vercel.

User Authentication & Access Control

Secure authentication with row-level security policies ensuring complete data isolation between users.

Secure Data Architecture

User-isolated data storage with PostgreSQL RLS policies and automated backups via enterprise infrastructure.

Infrastructure Security Monitoring

Security monitoring and threat detection provided by our SOC 2 compliant infrastructure partners.

Security Architecture

Defense in depth with multiple layers of protection.

Multi-Tier Security Architecture
Our platform implements security controls at every layer

Network Layer

  • TLS Encryption
  • DDoS Protection (Vercel)
  • Rate Limiting (Vercel)
  • Edge Network Security

Application Layer

  • Secure Framework (Next.js)
  • Built-in XSS Protection
  • PostgreSQL RLS
  • CSRF Protection

Data Layer

  • Encryption at Rest
  • Row Level Security (RLS)
  • Automated Backups
  • User Data Isolation
Data Protection
  • User-isolated data storage
  • Encrypted data transmission
  • Infrastructure-managed encryption
  • Standard data deletion
Monitoring & Response
  • Infrastructure security monitoring
  • Provider-managed threat detection
  • Standard incident response
  • Basic audit logging

Compliance & Certifications

Meeting the highest standards for data protection and security.

Current & Planned Certifications
Our roadmap to comprehensive compliance certification

SOC 2 Type II

Via infrastructure providers

Inherited

GDPR

Working toward full compliance

In Progress

CCPA

Working toward full compliance

In Progress

SOC 2 Type II (Direct)

Expected 2026

Planned

ISO 27001

Future certification goal

Planned

Trusted Subprocessors

We work only with security-certified partners who meet our strict standards.

Vercel
Security Docs
Application hosting and edge network
SOC 2 Type II
ISO 27001
Supabase
Security Docs
Database, authentication, file storage
SOC 2 Type II
HIPAA Ready
OpenAI
Security Docs
AI language model processing
SOC 2 Type II
LlamaCloud
Security Docs
Document parsing and analysis
SOC 2 Type II
Incident Response & Breach Notification

Detection

Infrastructure monitoring provided by our enterprise hosting partners with automated alerting.

Response

Incident response procedures following industry standards with support from our infrastructure partners.

Notification

Customer notification in accordance with legal requirements and industry best practices.

Security Documentation

Download our comprehensive security policies and procedures.

Privacy Policy

Comprehensive privacy policy covering data collection, usage, and your rights.

View Privacy Policy
Terms of Service

Complete terms of service including security responsibilities and disclaimers.

View Terms of Service
Security Documentation

Additional security documentation available for enterprise customers.

Ready to Get Started?
Experience enterprise-grade security with our AI-powered financial modeling platform.
Start Free Trial