Question 1

How is one firm's data kept separate from another's?

Accepted Answer

Every record is scoped by company_id and protected by Postgres row-level security (RLS) policies. Database queries from one firm cannot return another firm's rows.

Question 2

Where are uploaded documents stored?

Accepted Answer

Documents are stored in per-firm prefixed paths in private object storage. Access is granted via short-lived signed download links — there are no public document URLs.

Question 3

Is multi-factor authentication available?

Accepted Answer

Yes. MFA is supported with trusted devices for 30 days and step-up verification required before sensitive actions like Stripe Connect changes or billing portal access.

Question 4

Do you keep an audit log?

Accepted Answer

Yes. Sensitive actions write to an immutable, firm-scoped audit log including data exports, role changes, security setting changes and signature events.

Question 5

Do you claim SOC2, bank-level security or ATO approval?

Accepted Answer

No. We do not make those claims. We document our actual security practices honestly and do not advertise certifications we don't hold.

Question 6

How are backups handled?

Accepted Answer

Production database runs daily automated snapshots with 7-day rolling retention. Restores are operator-initiated. See the Backups page for the full posture.

Designed for sensitive financial data

Row-Level Security

Per-firm storage folders

Role-based access

Audit logs

MFA & step-up verification

No false claims