How It Works Pricing FAQ
Log In Get Started

Bank-Grade Security

Your financial documents are protected with enterprise-level encryption and security measures. We process thousands of bank statements while maintaining the highest security standards.

AES-256 Encryption

All files encrypted at rest using military-grade AES-256 encryption

TLS 1.3

256-bit encryption for all data in transit to and from our servers

24-Hour Deletion

All uploaded files automatically and permanently deleted within 24 hours

UK Data Centres

All data processed and stored exclusively in UK-based facilities

Data Encryption

Encryption at Rest

All uploaded bank statements and converted files are encrypted using AES-256, the same standard used by banks and government agencies worldwide.

Encryption in Transit

All communications between your browser and our servers use TLS 1.3 with 256-bit encryption. Your data is never transmitted unencrypted.

Secure Key Management

Encryption keys are managed using industry best practices with regular rotation and secure storage separate from encrypted data.

Infrastructure Security

UK Data Centres

Our infrastructure is hosted in ISO 27001 certified UK data centres with 24/7 physical security, biometric access controls, and CCTV monitoring.

Network Security

Enterprise-grade firewalls, DDoS protection, and intrusion detection systems monitor and protect our infrastructure around the clock.

Regular Audits

We conduct regular security assessments, penetration testing, and vulnerability scans to identify and address potential security issues.

Data Handling

Automatic deletion - Files permanently deleted within 24 hours
No data sharing - Your documents are never shared with third parties
No AI training - Documents never used for machine learning or AI training
Minimal retention - We only keep what's necessary to provide the service
UK jurisdiction - All data subject to UK data protection laws

Compliance & Certifications

UK GDPR Compliant

Fully compliant with the UK General Data Protection Regulation and Data Protection Act 2018.

ICO Registered

Registered with the Information Commissioner's Office as a data controller and processor.

ISO 27001 Infrastructure

Our data centres maintain ISO 27001 certification for information security management.

Cyber Essentials

Aligned with UK Government Cyber Essentials security framework requirements.

Access Controls

Role-Based Access

Strict access controls ensure only authorised personnel can access systems, with permissions based on job requirements.

Multi-Factor Authentication

All administrative access requires multi-factor authentication, adding an extra layer of security.

Audit Logging

Comprehensive logging of all system access and changes, maintained for security review and compliance.

Incident Response

We maintain a comprehensive incident response plan to handle potential security events:

  • 24/7 security monitoring and alerting
  • Defined escalation procedures and response team
  • Customer notification within 48 hours of confirmed breach
  • Regular incident response testing and drills
  • Post-incident analysis and improvement processes

Questions About Security?

We're happy to discuss our security measures in more detail. Contact our security team for more information.

Contact Security Team

Related Documentation

Privacy Policy How we collect and use your data Data Processing Agreement Terms for data processing Terms of Service Service terms and conditions