5 layers between your data
and everything else.
Your financial data passes through 5 layers of protection, each designed to reduce unauthorized-access and leakage risk.
Outermost Layer
Authentication
Stops threats before they enter
- OAuth 2.0 for the third-party integrations we support
- Authentication-provider throttling applies per Supabase Auth defaults
- Session expiry and refresh-token rotation per Supabase Auth defaults
Encryption Layer
AES-256 Encryption
Your data is unreadable without the keys
- Customer-facing connections use HTTPS; the hosting provider supports TLS 1.2 and TLS 1.3
- Customer data at rest in the application database is encrypted with AES-256
- OAuth tokens for connected integrations are stored encrypted at the integrations broker layer
Isolation Layer
Tenant Isolation
Your data never touches another client’s
- Every database query hard-scoped by your Tenant ID
- Row Level Security (RLS) enforced at the database level
- Cache keys namespaced per tenant
- AI embeddings isolated per tenant — zero cross-contamination
- Automated tests verify isolation on every code change
Intelligence Layer
Traceable AI
Grounded answers carry a data trail
- Grounded AI chat answers cite the data sources consulted (LOCK-030 grounding contract)
- The AI reasoning log is append-only and queryable per tenant for the customer’s own chat history
- Outbound LLM calls route with provider data-collection set to deny
- Your data is not used to train models for other customers
Core
Your Data
Fully sovereign. Always yours.
- We read your data to provide insights; we do not sell it
- Data export is available via our support channel for accounts in good standing
- You may request deletion at any time
- Up to 90-day deletion window after cancellation, subject to limited retention exceptions described in our Privacy Policy section 5
- Feedback and learning features are opt-in
All layers active
How We Build
Development Practices
Vulnerability Scanning
Dependencies are monitored for known vulnerabilities; CI gates block production deploys on critical advisories.
Dependency Updates
Automated monitoring. We aim to keep production free of packages with known critical vulnerabilities.
AI Reasoning Log
Grounded AI chat answers write an append-only reasoning row capturing the data sources consulted (LOCK-030).
Access Control
Principle of least privilege applies to internal access; production access is restricted to authorized personnel.
Our Pledge
Plain English Commitments
No legal jargon. Just what we promise.
We do not sell your financial data.
We do not use your data to train models for other customers; outbound LLM calls route with provider data-collection set to deny.
On grounded AI chat answers, we surface the data sources that informed each response (LOCK-030 grounding contract).
We aim to delete production copies of your data within 90 days of cancellation, subject to limited retention exceptions for financial, billing, and required legal records described in our Privacy Policy section 5.
We aim to notify affected customers without undue delay if we become aware of a personal data breach, consistent with GDPR Article 33.
Data export is available via our support channel for accounts in good standing.
— The EverCFO Team