Security and Privacy
Finicom's security, privacy, and data policy to ensure user data is always safe.
At Finicom, your security and privacy are our top priorities. We know that syncing financial data with third-party apps can feel risky, but we’ve built Finicom with the latest security standards to ensure your data is protected. Below, we’ve outlined our approach to security, privacy, and data protection so you can feel confident using our platform.
Your Data, Protected
- No Permanent Storage of Your Financial Data: Finicom never permanently stores your transaction data (like descriptions, amounts, or other details). After processing, this data is deleted forever.
- No Data Sales or Sharing: We don’t sell, share, or rent your personal or financial data. Our business model is simple: we monetize directly from user subscriptions, meaning we don’t rely on selling your data to make money.
- Secure Cloud Hosting: All of our services are hosted in secure, off-premise cloud infrastructure, meaning your data is never at risk due to physical breaches.
- End-to-End Encryption: Whether your data is in transit or at rest, it’s protected by the latest encryption standards. Sensitive information like financial transaction data and user tokens are doubly encrypted in our database, meaning Finicom’s employees can never view this information. The data is only decrypted by our servers to process it at your request.
How We Keep Your Data Safe
- Minimal Data Retention: We follow a strict data minimization policy, meaning we only store the data necessary to deliver our services and communicate with you. Any temporary data that is stored for processing is encrypted and promptly deleted once it’s no longer needed.
- No Third-Party Data Sharing: We never share your data with AI models or other third-party services unless it’s to sync your accounts with apps like Google Sheets™ or Notion—exactly as you’ve requested us to do.
- Activity Logs for Transparency: We actively monitor server logs, which we use to detect and monitor any unusual or unauthorized activity to keep your account safe.
Access Controls & Authentication
- Two-Factor Authentication (2FA): To protect your account, we ensure all employees use 2FA for all critical production assets—this ensures that only authorized personnel can access systems and data that power Finicom.
- No Personal Devices: Finicom enforces a policy of no personal devices accessing our network or sensitive data, ensuring additional layers of protection against unauthorized access.
- Separate Environments: We maintain separate environments for development and production, so your live data is always safe and unaffected by ongoing development.
Incident Management
In the unlikely event of a security issue, we have a robust process for detecting, responding to, and resolving security incidents. We closely monitor all activity in our systems, and if we detect any suspicious behavior, we take immediate action to protect your data and notify affected users.
Building and Releasing Secure Code
At Finicom, we take great care in how we build and release new features. We use a staging environment to test all changes before they go live, and we manually review and test new code to ensure it’s safe and stable before releasing it to production. Our change control process ensures that every update is carefully managed to maintain system security.
Our Commitment to You
We’re committed to maintaining the highest levels of security and privacy for our users. By using Finicom, you can trust that your data is safe, your privacy is respected, and we are fully transparent about how we handle your information.
For any questions about our security and privacy practices, or for our full documented security policy, email us at [email protected]. We’re here to help!