Trust Center

At a Glance

• Hosting: industry-standard cloud infrastructure, US-based
• Encryption: TLS 1.2+ in transit; AES-256 at rest
• AI provider: a contracted third-party large language model provider, with no model training and no product-improvement use of customer data
• SOC 2 Type I: Audit planned. Target completion: Q4 2026.
• Compliance frameworks supported: GDPR, UK GDPR, PIPEDA, CCPA/CPRA

Security

How we build, operate, and secure the FinanceIQ service: architecture, encryption, access controls, NetSuite OAuth handling, backups, and our responsible disclosure program.

AI Data Handling (Finley)

How Finley uses your data, end to end. What gets sent, where it goes, what our LLM provider does and doesn't do with it, and how to control it.

Privacy

How we collect, use, share, and protect personal information, including our sub-processor categories, your data rights, and how to exercise them.

Cookies

How we use cookies and similar technologies, and how to manage your preferences.

Terms of Service

The agreement that governs your use of FinanceIQ.

Acceptable Use Policy

What you can and can't do with the FinanceIQ service.

Service Status

Real-time and historical status of the FinanceIQ service and its key integrations.

Data Processing Agreement (DPA)

A boilerplate GDPR-compliant Data Processing Agreement is available on request for B2B customers in the EU, UK, or other jurisdictions that require one. Email contact@tryfinanceiq.com to request a copy.

Sub-processors

A current list of FinanceIQ's sub-processors, with purpose and region for each, is published in our Privacy Policy (Section 5.1). We will notify customers of material changes to that list.

Security Questionnaires

If your organization requires a completed security questionnaire (CAIQ, SIG, or your own format) as part of vendor onboarding, contact us at contact@tryfinanceiq.com.