Security & Trust
How we protect your financial data
What We Collect
- •Assessment responses and calculated results
- •Email address (only if you choose to save or receive results)
- •No bank account numbers, passwords, or Social Security numbers—ever
How We Protect It
🔐
Encryption in Transit
TLS 1.3 encryption for all data transmission—the same protocol used by banks.
🛡️
Encryption at Rest
256-bit AES encryption for all stored data via Supabase.
✅
Input Validation
All inputs validated with strict schemas (Zod) to prevent injection attacks.
⏱️
Rate Limiting
API endpoints protected against abuse with per-IP rate limits.
🧱
Security Headers
Content-Security-Policy, X-Frame-Options, and other protective headers.
☁️
Infrastructure
Hosted on Vercel and Supabase—both SOC 2 Type 2 compliant.
What We'll Never Do
- ✕Sell your data to third parties
- ✕Share your information with advertisers
- ✕Ask for sensitive credentials or account access
- ✕Store more data than necessary
Your Control
- ✓You can use most tools without creating an account
- ✓Email is optional—only needed to receive results
- ✓Contact us anytime to request data deletion
Questions about security?
support@financiallyoptimized.com