You are trusting us with financial records. Here is exactly how they are handled.
Client data is stored and processed on servers located in the United States. It is not transferred to, stored in, or processed from any other jurisdiction.
We work from exports you send, or read-only API credentials you issue and can revoke at any time. We hold no payment authority, no signatory power, and no write access to your systems. We never touch funds.
TLS in transit; encrypted storage at rest. Access to client data is limited to personnel working on your account.
Audit-trail workpapers are retained while you are a client (your state requires 3+ years of reconciliation records — we keep yours ready). On request, we delete all client data within 30 days and confirm in writing.
Mutual NDA before any data changes hands — including for the free audit. Your data is never sold, shared, or used for anything other than producing your reports.
SOC 2 Type I is on our roadmap. Until then, we publish our practices here plainly and answer any security questionnaire you send us.
Send three exports. Within 48 hours you get a discrepancy report — every finding tied to a record ID. No call required, no software to install.
Ready in ~10 minutes of your time: answer four questions, upload your exports, get a tracking link. Report within 48 hours.
✓ Got it — we'll reply within one business day with the export checklist.
Typically for companies managing 100–3,000 doors on Buildium or AppFolio.