Log in

Audit-ready security infrastructure.

Security is not a feature, it's a requirement. We are constantly iterating on our security posture to ensure we are meeting our customers' standards.

Encryption

Every byte encrypted in transit and at rest.

TLS 1.3 · AES-256

Access Control

Role-based permissions at the organization level.

RBAC · Enforced at the database layer

Audit Trail

Every action logged. Every decision traceable. Built for the review that comes later.

User-attributed · Exportable

What's running today.

  • TransportTLS 1.3 for all data in transit.
  • At restAES-256 encryption for all stored data, managed by Supabase on AWS.
  • Access controlRole-based permissions at the organization level, enforced at the database layer.
  • Audit trailVerified runs are immutable audit records. Corrections create a new verified run that supersedes the prior one — both the original and the correction remain accessible in the workflow's history. Each verification captures a versioned disclosure attestation (user, timestamp, IP address, and user-agent), exportable as a signed PDF on request.
  • Supersession metadataSupersession events on verified periods are captured with categorical reason metadata (source, trigger, type, optional rationale). Reason metadata supports both per-organization audit trails and aggregate cross-organization benchmarks; aggregate participation is configurable in organization settings.
  • Data residencyUS-only. All data stored on Vercel and Supabase (AWS us-east-1). No transfers outside the United States.
  • Multi-factor authenticationRequired on all internal admin systems (hosting, database, source control, email, banking).
  • Personnel accessFiscle personnel access customer data only when necessary to provide support, investigate a security incident, or comply with a legal obligation. Restricted to authorized personnel with multi-factor authentication.
  • Security incident notificationConfirmed security incidents affecting customer data are reported to affected customers within 72 hours.
  • Support response1 business day for general support; 4 hours for security-related issues, during business hours.
  • Uptime monitoringContinuous uptime monitoring with a public status page — open to anyone who wants to verify Fiscle's operational state. View status page →
  • Data ownershipYou own your data. Full export available on request. Deletion processed within 30 days.

What's on the roadmap.

  • Customer-side multi-factor authenticationComing soon
  • SOC 2 Type IIUnder evaluation as customer base scales
  • Penetration testingWhen customer requirements warrant
  • Enterprise SSOOkta, Azure AD, Google Workspace
  • CMKCustomer-managed encryption keys
  • ResidencyRegional data residency

How your data is handled.

Customer files, computed results, and AI chat conversations are uploaded to or generated within Fiscle and processed within our infrastructure. All three are retained for the duration of your active subscription.

  • AI processingAI providers (Anthropic) process file content and chat messages during extraction, configuration, and Assistant interactions. Anthropic does not train on Fiscle customer data per their commercial terms. Extraction results and chat history are stored in Fiscle's database, scoped to your organization.
  • SharingNo sale of customer data. No advertising-data sharing. No data brokers.
  • RetentionWhen you delete an unverified item in Fiscle (a workflow, file, chat, draft period, or run), the database row and any associated storage objects are removed from active systems immediately — no soft-delete, no internal archive. Database backups retain deleted rows for 7 days before being overwritten, after which they are unrecoverable. Storage is not included in backups; deleted files cannot be recovered. Account cancellation hard-deletes the entire organization from active systems and all data Fiscle holds, with the same 7-day database backup window. Verified periods are an exception: they are retained as immutable audit records and cannot be deleted via the app. To remove verified data entirely, contact privacy@fiscle.ai — Fiscle will execute a manual purge upon written request, within a reasonable timeframe.

Compliance & legal.

  • Data Processing AgreementStandalone DPA published at fiscle.ai/dpa, incorporated by reference into the Terms of Use. Covers roles, security measures, audit rights, and 72-hour incident notification.
  • SubprocessorsFull subprocessor list — all US-based — published at fiscle.ai/subprocessors. 30 days advance notice of changes for subscribed administrators.
  • No PHI / no BAACustomers represent and warrant they will not upload Protected Health Information to Fiscle. Fiscle does not enter into HIPAA Business Associate Agreements.

Last updated: 2026-05-27.