Bank-Grade Security

Your data is safe with us

We use the same security standards as major financial institutions to protect your information.

256-bit AES encryption

All data is encrypted at rest and in transit using industry-standard 256-bit AES encryption — the same standard used by banks and government agencies.

Enterprise-grade infrastructure

Built on Vercel and Neon PostgreSQL — both SOC 2 Type II certified platforms — with continuous monitoring, automated backups, and DDoS protection.

We never sell your data

Your bill data is used solely to find savings opportunities for you. We will never sell, share, or monetize your personal information with third parties.

Read-only access

Bill Savvy can only read the information you provide. We can't make changes to your accounts, plans, or provider settings — you stay in full control.

How we protect your data

Multiple layers of protection keep your information safe at every step.

Encrypted storage

Passwords are hashed with scrypt — a memory-hard algorithm stronger than bcrypt. We never store passwords in plain text. All sensitive data is encrypted at rest using AES-256 in our database.

Document privacy

When you upload or photograph a bill, we extract only the details needed (provider, amount, service type) using AI-powered OCR. Your actual bill document and any personal information visible on it are never stored — the file is discarded immediately after extraction.

Secure transport & sessions

All traffic is served over TLS 1.3 — every API call, page load, and data transfer is encrypted in transit. Authentication uses HTTP-only cookies that can't be accessed by JavaScript, protecting against XSS attacks. Sessions expire automatically.

Privacy by design

We collect only what we need, and we're transparent about how we use it.

What we collect

  • Your name and email for account authentication
  • Bill details you enter or upload (provider, amount, service type)
  • Usage data to improve the product experience

What we never do

  • Sell or share your data with advertisers or data brokers
  • Access your bank accounts or make changes on your behalf
  • Store payment details — Stripe handles all billing securely
  • Store uploaded bill documents or images — files are discarded after data extraction

Our practices align with GDPR principles. You can request a full export or deletion of your data at any time.

Infrastructure security

Built on enterprise-grade platforms trusted by thousands of companies.

Hosted on Vercel

Our application runs on Vercel's edge network with automatic DDoS protection, global CDN distribution, and zero-downtime deployments.

Neon PostgreSQL

Your data is stored in Neon's serverless PostgreSQL with automated backups, point-in-time recovery, and encryption at rest.

Regular updates

Dependencies are monitored for vulnerabilities. Security patches are applied promptly and infrastructure is kept up to date.

Start for free — your data is always protected.

Your security is non-negotiable. Every Bill Savvy account — free or premium — gets the same bank-grade protection.
