Built for firms that take privacy seriously.
We handle your clients' books, so security isn't a feature — it's the product.
TLS 1.2+ for every connection. Database storage is encrypted at rest with AES-256. Receipts and uploads sit in a private bucket — no public URLs.
Tenant isolation enforced by row-level security at the database, not just the app. Every table is scoped to your firm by policy.
We never ask your clients for online-banking usernames or passwords. We work from CSV exports or read-only QuickBooks OAuth.
Client question pages use single-purpose, signed tokens that expire after 30 days and cannot be enumerated.
Every approval, send-to-client, sign-off, and export is recorded with the actor and a timestamp.
Owners can export everything as JSON/CSV or close their firm and erase data from Settings.
Responsible disclosure
Found something? Email security@ledgerflow.app. We respond within one business day and don't pursue good-faith research.