Receipt Bundler

Security at Receipt Bundler

Your data security is our top priority. We implement industry-leading security practices to protect your sensitive financial information.

Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Your receipt images and sensitive information are protected at every stage.

European Data Centers

Your data is stored exclusively in EU-based data centers, ensuring compliance with European data protection regulations and data sovereignty requirements.

Secure Authentication

We use industry-standard OAuth 2.0 with one-time passwords (OTP) for authentication. No passwords to remember or manage, reducing the risk of credential-based attacks.

Access Controls

Role-based access ensures employees only see their own receipts. Admins have controlled access to company data with full audit trails of all actions.

Regular Audits

We conduct regular security assessments and penetration testing to identify and address potential vulnerabilities before they become issues.

GDPR Compliant

Full compliance with GDPR requirements including data portability, right to deletion, and transparent data processing practices.

Infrastructure Security

  • Network Security: Firewalls, intrusion detection systems, and DDoS protection safeguard our infrastructure from external threats.
  • Database Security: Databases are isolated in private networks with no direct internet access. All queries are parameterized to prevent SQL injection.
  • Backup & Recovery: Automated daily backups with point-in-time recovery. Backups are encrypted and stored in separate geographic locations.
  • Monitoring: 24/7 system monitoring with automated alerts for suspicious activity or performance anomalies.

Data Handling Practices

We follow the principle of least privilege: our systems only access the data necessary to provide our services. Receipt images are processed through our OCR system, and the extracted data is stored securely.

We do not share, sell, or use your receipt data for any purpose other than providing our service. Your financial information remains confidential and is only accessible to authorized personnel within your organization.

When you delete data or close your account, we perform secure deletion within 30 days, ensuring your information is completely removed from our systems.

Security Vulnerability Reporting

We take security seriously and appreciate responsible disclosure of any vulnerabilities. If you discover a security issue, please report it to us privately so we can address it promptly.

security@receiptbundler.com

Please include details about the vulnerability and steps to reproduce. We will respond within 48 hours.

Compliance & Standards

  • GDPR: Full compliance with EU data protection
  • TLS 1.3: Latest encryption standards
  • PCI DSS: Payment processing via Stripe (PCI compliant)
  • SOC 2 Type II: Infrastructure hosted on certified providers