Your financial data,
protected like a bank

We take security seriously. Here's exactly how we protect your information.

Bank-level encryption, everywhere

In Transit

  • TLS 1.3All data is encrypted when moving between your device and our servers.
  • HTTPS OnlyWe never transmit data over unsecured connections.
  • Certificate PinningPrevents man-in-the-middle attacks.

At Rest

  • AES-256 EncryptionMilitary-grade encryption for all stored data.
  • Encrypted BackupsEven our backups are encrypted.
  • Key RotationEncryption keys are rotated regularly.

Built on secure, compliant infrastructure

Hosting Infrastructure

AWS / Google Cloud

Top-tier cloud providers

EU Data Centers

GDPR-compliant locations

99.9% Uptime

SLA for Enterprise

DDoS Protection

Cloudflare protection

Compliance & Certifications

SOC 2 Type II

Independently audited for security

GDPR Compliant

European data protection standards

PCI-DSS Ready

Secure payment processing

ISO 27001

Information security management

Control who sees what

Role-Based Access

Grant specific permissions: Admin, Editor, Viewer.

2-Factor Auth

Optional SMS or authenticator app 2FA for all accounts.

SSO (Enterprise)

Single Sign-On with Google Workspace, Microsoft 365, Okta.

IP Whitelisting

Restrict access to specific IP addresses (Enterprise).

Session Management

Auto-logout after inactivity, device tracking.

Your data belongs to you. Always.

Never Sold

We will never sell your data to third parties. Ever.

Minimal Collection

We only collect what's necessary to run the service.

Transparent

Read our Privacy Policy for full details.

Right to Deletion

Export or delete all your data anytime.

Local Storage

Keep sensitive data on your own servers (Enterprise).

Your data is backed up, always

Real-time replication

Changes saved immediately

Daily snapshots

Full backup every 24 hours

30-day retention

Recover data from any point in the last month

Off-site storage

Backups stored in multiple geographic locations

Disaster Recovery

RTO< 4 hours
RPO< 15 minutes loss

We watch for threats 24/7

Intrusion Detection

Automated alerts for suspicious activity

Audit Logs (Enterprise)

Track every action: who did what, when

Vulnerability Scanning

Weekly automated security scans

Penetration Testing

Annual third-party security audits

Bug Bounty Program

Researchers rewarded for finding vulnerabilities

If something goes wrong

Detection: Automated monitoring alerts our team

Containment: Isolate the issue within 30 minutes

Investigation: Identify root cause

Notification: Email all affected users within 24 hours

Resolution: Fix the issue and prevent recurrence

Contact for Security Issues:

[email protected] (monitored 24/7)

Found a security issue?

We take security seriously. If you've discovered a vulnerability, please report it to us.

  • Acknowledge report within 24 hours
  • Keep you updated on fix progress
  • Credit in Hall of Fame
  • No legal action for good-faith research

Bug Bounty: Rewards up to $5,000 for critical vulnerabilities.

Common Security Questions

Sleep better knowing your data is safe

Your data is protected from day one. No credit card required.