Your spend data,
locked down.
We treat finance data like the sensitive primary source it is. Here's exactly what we do — and what we don't.
Encryption at rest
AES-256 on every database row and backup, managed by our cloud provider.
TLS in transit
All traffic uses TLS 1.2+ with modern cipher suites. HSTS enforced.
Row-level security
Postgres RLS scopes every read and write to your workspace. No cross-tenant leaks.
SOC 2 (in progress)
We're working through Type II controls with our auditor in 2026.
GDPR-ready
Data export and deletion on request. EU data residency available on request.
Audit logs
Every settings change, invite, and integration toggle is timestamped and attributable.
Responsible disclosure
Found a vulnerability? Email us with details and we'll respond within one business day. We don't sue researchers acting in good faith.
security@econoglance.com