Security
Last updated: April 14, 2026
Your financial data is sensitive, and we treat it that way. This page describes the security measures we have in place to protect your information. If you have security concerns or wish to report a vulnerability, contact us at [email protected].
1. Data Encryption
All data transmitted between your device and our servers is encrypted in transit using TLS (Transport Layer Security). Data stored in our database and file storage is encrypted at rest. Sensitive configuration values are additionally encrypted using industry-standard symmetric encryption before being stored. Encryption at rest protects against theft of the underlying storage media; it does not by itself stop one authenticated user from reading another's data, which is why the access controls in the next section are enforced separately.
2. Access Controls
Every database table enforces row-level security, meaning you can only access your own rows. The check is applied by the database itself on every query, not only by application code, so a bug in an application code path cannot by itself expose another user's data. This provides defence in depth.
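As an added illustration of what "enforced at the database level" means in practice, the following is how such a rule is typically expressed in PostgreSQL. It is not SaveScout's own schema or code (this page does not publish any); the table, the `app_user` role and the `app.user_id` session setting are assumptions made for the example.

```sql
-- Added example: PostgreSQL row-level security, not SaveScout's actual schema.
-- Assumes the application sets the authenticated user's id in the session
-- (SET LOCAL app.user_id = '...') before issuing queries on a pooled connection.
CREATE TABLE transactions (
    id           bigserial PRIMARY KEY,
    user_id      uuid NOT NULL,
    amount_cents bigint NOT NULL,
    merchant     text,
    created_at   timestamptz NOT NULL DEFAULT now()
);

-- Turn RLS on. FORCE makes the policies apply to the table owner as well,
-- so a privileged code path that connects as the owner still cannot read
-- other users' rows by accident.
ALTER TABLE transactions ENABLE ROW LEVEL SECURITY;
ALTER TABLE transactions FORCE ROW LEVEL SECURITY;

-- Reads the caller identity set by the application layer. The second
-- argument (missing_ok = true) returns NULL instead of raising when nothing
-- has been set; NULL never equals a user_id, so an unauthenticated or
-- misconfigured session sees zero rows rather than everyone's rows.
CREATE FUNCTION app_current_user_id() RETURNS uuid
LANGUAGE sql STABLE AS $$
    SELECT NULLIF(current_setting('app.user_id', true), '')::uuid
$$;

-- One policy for all commands: USING filters rows that can be read,
-- updated or deleted; WITH CHECK rejects inserted or updated rows whose
-- user_id is not the caller's own.
CREATE POLICY owner_only ON transactions
    FOR ALL
    USING (user_id = app_current_user_id())
    WITH CHECK (user_id = app_current_user_id());

-- The application connects as a role that is neither the table owner nor a
-- superuser. Superusers and roles with BYPASSRLS skip policies entirely,
-- so the application role is created explicitly without that attribute.
CREATE ROLE app_user NOLOGIN NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON transactions TO app_user;
GRANT USAGE, SELECT ON SEQUENCE transactions_id_seq TO app_user;

-- Manual check, run as app_user inside one transaction:
-- BEGIN;
-- SET LOCAL app.user_id = '11111111-1111-1111-1111-111111111111';
-- SELECT count(*) FROM transactions;  -- only that user's rows
-- INSERT INTO transactions (user_id, amount_cents)
--   VALUES ('22222222-2222-2222-2222-222222222222', 100);  -- fails WITH CHECK
-- RESET app.user_id;
-- SELECT count(*) FROM transactions;  -- 0 rows: NULL identity matches nothing
-- ROLLBACK;
```

Two points a reviewer would verify in a real deployment: that the identity is set with SET LOCAL (scoped to the transaction) rather than SET, so a pooled connection cannot carry one user's identity into the next request; and that the role the application actually connects with has neither SUPERUSER nor BYPASSRLS, since either silently disables every policy.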
Uploaded documents (receipts, bank statements) are written to a per-user private bucket only for as long as the extraction pipeline needs to read them, and are removed automatically as soon as the job finishes, typically within seconds. A backstop sweep deletes anything older than 24 hours in case a job fails to clean up. The extracted transactions stay; the original file does not. You can verify this in Settings → Privacy → Trust Receipt, where every storage event is logged and paired with its corresponding removal.
The one exception is morning briefing audio, which is kept for up to 3 days so you can replay it. The Trust Receipt screen labels these distinctly.
3. Authentication
- Sign-in methods — email/password, Sign in with Apple, and Google Sign-In. All authentication is handled by our managed authentication provider.
- Session management — sessions expire automatically after a period of inactivity. Tokens are short-lived and refreshed securely.
- iOS biometric lock — the iOS app requires Face ID or Touch ID to unlock after a period of inactivity, adding a local layer of protection even if your device is unlocked.
- App Switcher protection — on iOS, the app's content is obscured in the App Switcher to prevent screenshots of your financial data.
4. Data Minimisation
We follow the principle of collecting only the minimum data necessary:
- We store only the last 4 digits of card or account numbers — never full numbers.
- We do not store government-issued identification numbers (SSN, SIN, etc.).
- Payment card details for subscriptions are held by our payment processor, not by us.
- Biometric data (Face ID / Touch ID) is processed entirely on-device and never reaches our servers.
- Camera access is used only for receipt scanning and the feed is not stored.
- Voice conversations with our voice assistant are processed in real time and not permanently recorded.
5. Infrastructure Security
- HTTP security headers — our servers send strict security headers on every response, including Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), and clickjacking protection (frame-ancestors / X-Frame-Options).
- Firewall — our infrastructure allows only necessary ports (HTTPS) and blocks all other inbound traffic.
- Secrets management — no credentials, API keys, or secrets are stored in source code. All secrets are managed through secure environment configuration.
- Dependency scanning — we regularly audit third-party dependencies for known vulnerabilities.
- Rate limiting — API endpoints are rate-limited to prevent abuse.
6. AI and Third-Party Provider Security
When your data is processed by AI or other service providers:
- Data is transmitted over encrypted connections only.
- Providers are contractually prohibited from using your data for their own purposes, including training AI models.
- We select providers with established security and compliance certifications.
- Sensitive data is never logged in plain text — our logging system automatically redacts personal information.
7. Audit Trail
We maintain security audit logs for critical operations such as file access, API key changes, and administrative actions. These logs are retained for 7 years for regulatory compliance. Audit logs do not contain your financial data — they record only the fact that an action occurred, who performed it, and when.
8. Account Deletion
You may delete your account at any time from within the app. Upon deletion, all of your personal and financial data is permanently removed within 30 days, including files stored in our cloud storage and your authentication credentials. For full details, see our Privacy Policy.
9. Responsible Disclosure
If you discover a security vulnerability in SaveScout AI, we ask that you report it to us responsibly. Please email [email protected] with details of the vulnerability. We will acknowledge your report within 48 hours and work to resolve the issue promptly.
Please do not publicly disclose the vulnerability until we have had a reasonable opportunity to address it.
10. Continuous Improvement
Security is an ongoing process. We regularly review and update our security practices, conduct dependency audits, and monitor for threats. This page will be updated as our security posture evolves.