Your Documents. Protected at Every Layer.

🔒 Encryption

Data is encrypted in transit and sensitive credentials are encrypted at rest. We use proven cryptographic standards throughout the application.

• TLS encryption on all client-server communication (enforced by our hosting provider)
• OAuth tokens and service credentials encrypted with AES-256-GCM before database storage
• Passwords hashed with PBKDF2-SHA512 (100,000 iterations) and are never stored in plaintext
• Database connections require SSL certificates

🏠 Data Isolation

Each organization's data is logically isolated at the application level. All API queries are scoped to prevent cross-tenant data access.

• Strict per-organization data scoping enforced on every API endpoint
• Application-level access controls ensure users only see their organization's data
• All database queries are parameterized to prevent SQL injection

👤 Access Controls

Role-based access control ensures users only see what they need to. Actions are logged for accountability.

• Role-based access: Analyst, Auditor, Manager, Admin, and Super Admin tiers
• JWT tokens with 7-day expiration and server-side validation on every request
• Admin portal for user management and role assignment
• Execution logs track all AI audit operations and results

🤖 AI Data Policy

We take a strict, transparent stance on how your data interacts with AI. Your financial documents are processed to generate your audit, nothing else. They are never used to train, fine-tune, or improve any AI model.

• We never train AI models on your financial data. Your data stays yours
• Document text is sent to AI providers only for extraction and is not retained by them
• AI API calls use zero data retention settings where available (e.g., Anthropic's API)
• You can delete your uploaded documents and extracted data at any time

📊 Data Retention & Deletion

You control your data lifecycle. We provide delete functionality so data is removed when you request it.

• Delete contracts, invoices, and audit records at any time from the dashboard
• PDF content is not stored permanently. Only extracted structured data is kept
• Export your data in CSV format via the dashboard

PayAudit's database is hosted on Neon, a managed PostgreSQL provider. Neon automatically creates point-in-time backup snapshots as part of its infrastructure. Free-plan databases retain these automated backups for up to 7 days; paid plans retain them for up to 30 days. These backups exist solely for database recovery purposes — PayAudit employees cannot access individual user records through them, and they are managed entirely by Neon's infrastructure team. If your account is deleted or you request full data erasure, production records are removed immediately; backup copies will naturally expire within the applicable retention window (7 or 30 days). Users who require written confirmation of full backup purge beyond the standard window may contact privacy@payaudit.com.

✅ Compliance Readiness

PayAudit is designed with security best practices as a foundation. Our architecture choices are informed by leading security frameworks.

📄 GDPR & Data Processing Agreement (DPA)

PayAudit is committed to GDPR compliance. If your organization is based in the EU or UK, you may require a Data Processing Agreement (DPA) before using PayAudit.

To request a DPA: Email privacy@payaudit.com with subject line "DPA Request" and your organization name. We'll respond within 3 business days.

Our standard DPA covers: controller/processor roles, processing activities, security measures, sub-processor list, data transfers, and GDPR Article 28 requirements.

📧 Vulnerability Reporting

If you discover a security vulnerability, please report it to security@payaudit.com. We take all security reports seriously and will work with you to resolve issues promptly.

We operate a responsible disclosure policy and welcome input from the security research community.