How we protect your data
All data transmitted between your device and our servers is encrypted using TLS 1.3. Your receipt images and data are encrypted at rest using AES-256 encryption.
We use Firebase and Google Cloud Storage, which provide enterprise-grade security and compliance with industry standards including SOC 2, ISO 27001, and GDPR.
We use Firebase Authentication with secure password hashing and optional two-factor authentication to protect your account.
Your data is isolated and only accessible by you. We implement strict access controls and audit logging.
We conduct regular security audits and penetration testing to identify and address potential vulnerabilities.
We comply with GDPR, CCPA, and other applicable data protection regulations.
In the event of a security incident, we have procedures in place to quickly identify, contain, and remediate the issue.
We follow industry best practices for secure software development, including regular updates and security patches.