Enterprise-grade security you can trust

Your financial data is highly sensitive. We've built a platform with security and compliance at its core, trusted by CFOs and compliance officers across Europe.

Get secure validationRequest security documentation

Certified and compliant

Meeting the highest standards for data security and privacy

SOC 2 Type II

Independently audited for security, availability, and confidentiality

Certified

GDPR Compliant

Full compliance with EU data protection regulations

Compliant

ISO 27001

Certified information security management system

Certified

EU Cloud

All data stored and processed in EU data centers

Compliant

How we protect your data

Multi-layered security from infrastructure to application

Encryption everywhere

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Your files are never stored unencrypted.

  • TLS 1.3 for all connections
  • AES-256 encryption at rest
  • Encrypted database backups

Secure infrastructure

Hosted in AWS EU regions with multiple availability zones, automated backups, and disaster recovery.

  • AWS Frankfurt & Dublin regions
  • Multi-AZ deployment
  • 99.95% uptime SLA available

Access control

Role-based access control (RBAC) with multi-factor authentication to ensure only authorized users access your data.

  • Multi-factor authentication
  • SSO via SAML & Okta available
  • Granular role permissions

Audit logs

Complete audit trail of all actions in your account. Track who did what and when for compliance and security reviews.

  • All user actions logged
  • 30-day retention (free)
  • Export for compliance

Data isolation

Your data is logically isolated from other customers. Enterprise customers can opt for dedicated infrastructure.

  • Tenant-level isolation
  • Database isolation option
  • Completely isolated environments available

Security monitoring

24/7 security monitoring with automated threat detection, vulnerability scanning, and incident response procedures.

  • 24/7 security operations
  • Automated vulnerability scans
  • Incident response plan

Your data, your control

We never access, share, or sell your data. Period.

What we collect

  • Account information — Email, name for account management
  • Usage data — API calls for billing and analytics
  • Your XBRL files — Stored encrypted for your access only

What we don't do

  • No data selling — We never share your data with third parties
  • No data mining — We don't use your data for training or analytics
  • No unauthorized access — We don't access your files without explicit consent

Compliance roadmap

Our commitment to meeting the highest security and compliance standards

SOC 2 Type II

Completed in Q1 2024. Report available to Enterprise customers on request.

Completed

GDPR Compliance

Full compliance with EU GDPR including data subject rights, processing agreements, and DPA certification.

Completed

ISO 27001

Certified by BSI (ISO 27001 certification for information security management). Renewed annually (Q2 2025).

Completed

ISO 27017/27018

Cloud security and data privacy certifications planned for 2026.

Planned

Questions about security?

Our security team is here to answer your questions and provide detailed documentation.

Contact security team