Security at Reconcilio
Last Updated: November 16, 2025
Security is our top priority. We understand that you are trusting us with sensitive financial data, and we take that responsibility seriously.
1. Data Encryption
- In Transit: All data transmitted between your browser and our servers is encrypted using Transport Layer Security (TLS) 1.2 or later.
- At Rest: All data stored in our databases is encrypted using industry-standard AES-256.
2. Secure Infrastructure
We use Supabase (built on AWS) for our backend infrastructure. Supabase is SOC 2 Type 2 compliant and provides enterprise-grade security features.
- Row Level Security (RLS): We enforce strict database policies that ensure users can only access their own data. Even our own API cannot access your data without your specific authentication token.
- Regular Backups: Database backups are performed daily and stored securely.
- DDoS Protection: Our infrastructure includes protection against Distributed Denial of Service attacks.
3. Payment Security
We do not store your credit card information on our servers. All payments are processed securely by Stripe, a PCI-DSS Level 1 Service Provider (the most stringent level of certification available in the payments industry).
4. Data Minimization
We practice data minimization to reduce risk:
- No Bank Credentials: We do not ask for or store your bank login credentials. We only process the export files you provide.
- Anonymized AI Processing: When sending data to AI models for reconciliation, we strip personally identifiable information (PII) where possible.
5. Vulnerability Disclosure
If you believe you have found a security vulnerability in Reconcilio, please contact us immediately at content.studio.pr@gmail.com. We appreciate your help in keeping our platform secure.