Data Domicile. Data is stored in US Only, and our entire team is US Based.
Data is encrypted at rest and during transmission.
FinMate AI provides TLS v1.3 Encryption for data in transit, AES-256 encryption for data at rest.
FinMate AI removes all primary copies of customer data after termination of services, all storage backups are fully deleted after 1 year.
FinMate AI has customizable data retention policies to fit your company's policies.
FinMate AI operates firewalls on all external network connections.
FinMate AI continuously runs security monitoring software on production systems.
FinMate AI is SOCII Type 2 Certified. You can find more information here.
FinMate AI isolates production data systems from test and development systems.
FinMate AI utilizes non-routable internal network addresses (RFC1918) and Network Address Translation.
Proxy servers are used to mediate network connections that cross network boundaries.
All devices connecting to the network have an approved build/configuration standard.
FinMate AI prohibits the use of insecure administrative protocols such as Telnet, SNMPv1.
FinMate AI hosts all infrastructure within Google Cloud Services.
FinMate AI operates anti-virus/anti-malware controls on all applicable devices.
Real-Time Updates are provided in regards to anti-virus, anti-malware, and other signature-based solutions updated with the latest signatures.
All FinMate AI employees are located in the US for data security and architectural integrity.
All FinMate AI employees sign Privacy + Security Policies, Confidentiality Agreements, NDA and User Agreements.
As of 2024 FinMate AI has 0 known security breaches.
As of 2024 FinMate AI has not been the subject of any investigations or Law Suits.
All FinMate AI users have unique IDs for all systems and applications.
User IDs are prevented from containing content indicating their access level.
FinMate AI operates on a "Lease Access" basis whereby access to any system has to be granted.
FinMate AI routinely reviews access levels which are periodically reviewed by IT and data owners to ensure individual access rights are appropriate based on job information.
The Following policies can be requested through our sales team. Please contact us to request.
SOC 2 Certification
Operation Security Policy
Information Security Policy