Security at ZentraSnap

We handle sensitive financial data with a radically simple philosophy:
We can't lose what we don't keep.

Bank Statements

100% Local Processing

  • Processing in Browser: Analysis happens entirely inside your machine.
  • No Cloud Uploads: Files never leave your local device.
  • Total Privacy: Zero risk of a cloud data breach for statements.
Invoices & Receipts

Zero-Retention Cloud

  • Instant Destruction: Extracted in temporary memory and permanently wiped instantly.
  • No Database: We absolutely do not save your files.
  • No AI Training: We use isolated APIs. Your data is never used to train models.
Platform Wide

Enterprise Infrastructure

  • PCI-DSS Level 1: Billing and payments by Stripe.
  • SOC-2 Type II: Identity, passwords, and MFA managed by Clerk.
  • Hosting: Built on Vercel's secure global network, adhering to strict ISO 27001 and CCPA compliance standards.

Technical & Security Specifications

Enterprise-Standard Transport Security

Protected by strict HTTPS protocols using TLS 1.3 encryption with AES-GCM cipher suites the same standards required by major banks; ensuring documents are safe from interception.

Pre-Processing File Validation

Cryptographic Verification: We inspect the internal binary headers (Magic Numbers), of every file to verify its true format.

Metadata Stripping: We automatically remove hidden EXIF data, location tags, and device metadata.

Blind Server Logging

We operate a strict "No-PII" logging policy. Names, client details, financial figures, and document contents are completely blinded and never written to our system logs.

Abuse Protection

We prevent automated attacks by tracking the number of requests made over a rolling time window to prefent malicious flooding.

Frequently Asked Questions

If I close my browser, can I get my extracted data back?

No. Because of our strict Zero-Retention architecture, once you close the page, the data is gone forever. Please export your data to Excel before leaving. We believe this minor inconvenience is worth the absolute guarantee of your clients' privacy.

Are you GDPR compliant?

Yes. Because we do not store, archive, or retain any personal data from your documents, using ZentraSnap minimizes your external data footprint, making it incredibly easy to maintain your practice's GDPR compliance.

Legal & Compliance Hub

ZentraSnap is committed to full regulatory compliance for Irish and global accountancy practices. Review our documentation as a Data Processor:

Privacy PolicyTerms of ServiceData Processing Addendum (DPA)