Trust

Security at Auditable Books

Effective May 5, 2026 · Operated by Novalycs Inc., operating as Auditable Books · Nova Scotia, Canada

Auditable Books is the workpaper trail for an accounting firm. We treat security the way our buyers do: as a precondition for the work, not a feature. This page summarises how we protect firm and client data today, what we promise, what we do not yet claim, and how to report a vulnerability.

To report a security issue, email [email protected]. We acknowledge within two business days.

1. Our security posture, at a glance

  • Encryption — TLS 1.2+ in transit; AES-256 at rest, including QuickBooks OAuth tokens (AES-256-GCM).
  • Identity — Google Sign-In via OAuth. We never see, store, or transmit your password.
  • Access control — JWT-gated APIs with role-based access; least-privilege production access for a small, named set of operators; every operator action is logged.
  • Audit trail by default — every AI proposal, override, and human approval is timestamped, attributed, and exportable as a workpaper. This is the product's signature artifact, not a back-office log.
  • Human-in-the-loop writes — the AI never posts to a client's books without an explicit accountant approval. Every write lands as a proposed → reviewed → posted → verified record.
  • Data residency — Customer records are stored in Supabase's Canada Central region (ca-central-1, AWS Montreal); application infrastructure is hosted on Hetzner in Germany.
  • Vulnerability disclosure [email protected] (see §9 below).

2. Encryption

  • In transit: TLS 1.2 or higher between your browser, our application, our database, the QuickBooks Online API, and our AI sub-processors.
  • At rest: AES-256 on the database tier (managed by Supabase). QuickBooks OAuth refresh tokens are additionally wrapped with AES-256-GCM at the application layer so a database-only compromise does not yield ledger access.
  • Secrets: production credentials are stored in our hosting provider's secret manager, separate from the database tier. No secrets are committed to source control.
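As an added illustration of the application-layer wrapping described above (not code from Auditable Books), this Go example seals a QuickBooks refresh token with AES-256-GCM under a key that lives outside the database and binds the ciphertext to the owning company id; the function names and the company id format are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// newGCM builds the AEAD from the wrapping key, which is loaded from the
// hosting provider's secret manager and never stored beside the envelopes.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// WrapToken seals a refresh token as nonce||ciphertext||tag. companyID is bound
// as additional authenticated data, so an envelope moved to another row fails.
func WrapToken(key []byte, companyID, token string) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, []byte(token), []byte(companyID)), nil
}

// UnwrapToken opens an envelope; a flipped bit, a truncated column or the
// wrong companyID fails authentication before any plaintext is returned.
func UnwrapToken(key []byte, companyID string, env []byte) (string, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	n := gcm.NonceSize()
	if len(env) < n+gcm.Overhead() {
		return "", errors.New("envelope too short")
	}
	plain, err := gcm.Open(nil, env[:n], env[n:], []byte(companyID))
	if err != nil {
		return "", err
	}
	return string(plain), nil
}
```

Only the sealed envelope is written to the database column; a database-only read yields ciphertext that cannot be opened without the separately held key.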

3. Identity, authentication, and access control

  • Authentication is handled by Google Sign-In (OAuth 2.0). Multi-factor authentication is enforced at the Google account level; we recommend enabling it on every firm user's Google account.
  • Application access is gated by short-lived JSON Web Tokens (JWTs); every request is validated server-side before it reaches your data.
  • Role-based access enforces firm / partner / staff boundaries. A staff user only sees the engagements assigned to them; partners see the full firm scope.
  • Operator access to production is least-privilege and limited to a small, named set of engineers. Operator actions are logged.

4. Audit trail (the product is the audit trail)

Every AI suggestion, every human override, and every approval lands as an append-only event with: actor, session, timestamp, inputs, the rule that fired (or "raw LLM judgment" if none), tool calls made, the resulting decision, and the human approver. A reviewer can replay any reconciliation, variance analysis, or categorisation decision and see exactly how the answer was produced.

Workpaper exports (CSV + PDF) are generated from this trail per engagement. They are designed to drop into a firm's review binder without re-entry. Per professional standards (ISA 200, AU-C 200, ISQM 1), audit work is per-engagement; we provide a multi-client workspace, but every audit trail is scoped to a single engagement, with its own evidence bundle.

5. Writes to your books — human approval, always

Auditable Books never posts to a client's QuickBooks file without explicit accountant approval. The product follows a Read → Reason → Request → Record flow: the agent reads QBO data, identifies an issue or proposes a match, requests approval from the responsible accountant, and only then records the change back to QBO. Every step is logged. The accountant — never the AI — signs the workpaper.

Every agent-driven feature ships with a firm-admin policy toggle so a partner can disable a class of automation firm-wide; toggle changes are themselves audit-logged.
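The proposed → reviewed → posted → verified gate, as an added example rather than the product's own code: a small Go state machine in which only a human actor can move a write into reviewed, and nothing can move it into posted without a recorded approver. Field names and the trail structure are assumptions.

```go
package main

import (
	"errors"
	"time"
)

type State string
const (
	Proposed State = "proposed" // agent read QBO data and proposed a change
	Reviewed State = "reviewed" // a named accountant approved it
	Posted   State = "posted"   // change recorded back to QBO
	Verified State = "verified" // posted result re-read and checked
)

// Event is one append-only trail entry (a constructed subset of the page's fields).
type Event struct {
	Actor string
	Human bool // false for the AI agent
	At    time.Time
	To    State
}

type Write struct {
	State    State
	Approver string // set only by a human Reviewed transition
	Trail    []Event
}

var next = map[State]State{Proposed: Reviewed, Reviewed: Posted, Posted: Verified}

// Advance moves the write one step: entering Reviewed requires a human actor and
// entering Posted a recorded approver, so the agent cannot skip or fake review.
func (w *Write) Advance(actor string, human bool) error {
	to, ok := next[w.State]
	if !ok {
		return errors.New("write already verified")
	}
	if to == Reviewed && !human {
		return errors.New("review requires an accountant, not the agent")
	}
	if to == Posted && w.Approver == "" {
		return errors.New("no recorded approver; refusing to post")
	}
	if to == Reviewed {
		w.Approver = actor
	}
	w.Trail = append(w.Trail, Event{actor, human, time.Now().UTC(), to})
	w.State = to
	return nil
}
```

The second guard matters when state is loaded from storage: a row whose state column was edited to reviewed without a review event still carries no approver and is refused.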

6. AI and large-language-model handling

Some Auditable Books features call third-party large language models (currently Anthropic Claude and OpenAI). When the agent reasons over ledger data, the relevant snippet is sent to the model provider over a TLS connection. Per our contracts with these providers, on the API tiers we use:

  • Your data is not used to train the provider's public models.
  • We minimise what is sent — typically only the rows the agent needs for the current task, never your whole ledger in bulk.
  • We never send QuickBooks tokens, authentication credentials, or other secrets to the model.

7. Hosting, sub-processors, and data residency

Application infrastructure runs on Hetzner in Germany. Customer data — firm accounts, reconciliation history, AI decision trails, workpaper metadata — is stored in Supabase's Canada Central region (ca-central-1, AWS Montreal), placing customer records under the Personal Information Protection and Electronic Documents Act (PIPEDA).

Current sub-processors:

  • Supabase — managed Postgres + auth (Canada Central, ca-central-1).
  • Hetzner — application hosting (Germany).
  • Cloudflare — network, DDoS protection.
  • Resend — transactional email.
  • PostHog — aggregate, non-identifying product analytics. No advertising cookies.
  • Anthropic and OpenAI — large-language-model inference, on enterprise / API tiers with no-training contractual terms.

Each sub-processor is bound by a data-processing agreement. The current list is published here; material changes are announced to registered firm administrators with at least 14 days' notice before they take effect.

8. Logging, retention, and deletion

  • Server logs (IP, user-agent, request path, status, timestamp) — retained 30 days for security and debugging, then deleted.
  • Activity log (every agent-driven write, every human approval) — 7 years, matching standard audit-evidence retention, unless you request earlier deletion and no legal hold applies.
  • Ledger data and reconciliation history — for the lifetime of the account; deleted 30 days after account closure unless legal hold applies.
  • QuickBooks OAuth tokens — deleted within 24 hours of disconnecting the corresponding company in the in-app switcher.

9. Reporting a vulnerability

If you discover a vulnerability or a sensitive-data issue, please email [email protected]. Please do not file a public issue or share the details on social channels until we have had a chance to investigate.

We will:

  • Acknowledge your report within two business days.
  • Provide an initial triage and severity assessment within five business days.
  • Keep you informed during remediation and credit researchers who request acknowledgement (unless they prefer to remain anonymous).

We do not currently run a paid bug-bounty programme, but we treat coordinated disclosure as a partnership and respond accordingly.

10. What we do NOT yet claim

We are intentional about what we put on this page. As of the effective date above, Auditable Books has not obtained an external SOC 2, ISO 27001, or PCI-DSS certification. These are on our roadmap and we will list certificates here as they are issued. If a certification is required for your engagement, contact [email protected] and we will share our current control documentation and target dates under NDA.

11. Changes to this page

When we make material changes (a new sub-processor, a change in data residency, a new certification) we will update this page and email registered firm administrators at least 14 days before the change takes effect. The "Effective" date at the top is always authoritative.