Finbloom

Encryption & Security Policy

Last updated: April 16, 2026

1. Field-Level Encryption

Finbloom encrypts every sensitive financial field individually — including salary, transaction amounts, account names, descriptions, and insurance policy details. This means each piece of data is encrypted separately, not just the database as a whole.

We use AES-256-GCM symmetric encryption, which is the same standard used by banks and government agencies worldwide. Each user has a unique Data Encryption Key (DEK) that encrypts only their data — no other user's key can decrypt your information. AES-GCM is authenticated encryption: every stored value carries an integrity tag, so a value that has been tampered with in the database fails verification and is rejected instead of being decrypted.

2. Envelope Encryption & Key Management

Your DEK is itself encrypted using a master Key Encryption Key (KEK) managed by a cloud KMS provider with FIPS 140-2 Level 3 validated hardware security modules (HSMs). The master key never leaves the HSM.

This two-layer approach (envelope encryption) means the database holds only wrapped DEKs. An attacker who copies the database has ciphertext plus DEKs they cannot open: each DEK must first be unwrapped by the KMS, and the master key never leaves the HSM. The protection therefore rests on KMS access being granted separately from database access, which is one reason the least-privilege rule in section 4 matters: a component holding both database and KMS access sees plaintext.

DEKs are cached in an encrypted in-memory store for performance and are automatically destroyed when you delete your account.
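
Sections 1 and 2 describe one mechanism end to end: a per-user DEK wrapped by a KEK that stays in the KMS, and AES-256-GCM applied to each field separately. The following is an added example, not Finbloom's code, written in Go against the standard library. The fakeKMS type is a hypothetical stand-in for the cloud KMS (a real deployment calls the provider's wrap/unwrap API instead), and the user, record and column identifiers are constructed. It also shows two details the text does not state: a fresh nonce for every write, and GCM additional authenticated data used to bind each ciphertext to its row and column so a value cannot be swapped between fields or users.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"fmt"
	"io"
)

// fakeKMS is a hypothetical stand-in for the cloud KMS: it holds the KEK and
// exposes only wrap/unwrap, the way an HSM never releases the master key.
type fakeKMS struct{ kek []byte }

func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := io.ReadFull(rand.Reader, b); err != nil {
		panic(err) // no randomness means no safe encryption; fail loudly
	}
	return b
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// gcmSeal encrypts under key with a fresh 96-bit random nonce and binds aad;
// output is nonce || ciphertext || tag. A nonce must never repeat under one
// key, so one is drawn for every field on every write.
func gcmSeal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := randomBytes(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

func gcmOpen(key, blob, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(blob) < n+gcm.Overhead() {
		return nil, fmt.Errorf("ciphertext too short: %d bytes", len(blob))
	}
	return gcm.Open(nil, blob[:n], blob[n:], aad)
}

// WrapDEK and UnwrapDEK are the only calls the application makes to the KMS;
// the user ID in the AAD stops a wrapped DEK being reassigned to another user.
func (k *fakeKMS) WrapDEK(dek []byte, userID string) ([]byte, error) {
	return gcmSeal(k.kek, dek, []byte("dek:"+userID))
}
func (k *fakeKMS) UnwrapDEK(wrapped []byte, userID string) ([]byte, error) {
	return gcmOpen(k.kek, wrapped, []byte("dek:"+userID))
}

// NewUserDEK generates a 256-bit DEK for one user and returns only its wrapped
// form, which is what gets stored; the plaintext DEK exists only in memory.
func NewUserDEK(kms *fakeKMS, userID string) ([]byte, error) {
	return kms.WrapDEK(randomBytes(32), userID)
}

// fieldAAD ties a ciphertext to its user, record and column, so a value moved
// to another row or column fails the GCM tag check instead of decrypting.
func fieldAAD(userID, recordID, column string) []byte {
	return []byte(userID + "|" + recordID + "|" + column)
}

// EncryptField encrypts one column value; the hex string is what the DB stores.
func EncryptField(dek []byte, userID, recordID, column, value string) (string, error) {
	blob, err := gcmSeal(dek, []byte(value), fieldAAD(userID, recordID, column))
	return hex.EncodeToString(blob), err
}

func DecryptField(dek []byte, userID, recordID, column, stored string) (string, error) {
	blob, err := hex.DecodeString(stored)
	if err != nil {
		return "", err
	}
	pt, err := gcmOpen(dek, blob, fieldAAD(userID, recordID, column))
	return string(pt), err
}

func main() {
	kms := &fakeKMS{kek: randomBytes(32)}
	wrapped, _ := NewUserDEK(kms, "user-42") // this is what sits next to the user's row
	dek, _ := kms.UnwrapDEK(wrapped, "user-42")
	ct, _ := EncryptField(dek, "user-42", "txn-1", "amount", "1250.00")
	pt, _ := DecryptField(dek, "user-42", "txn-1", "amount", ct)
	_, err := DecryptField(dek, "user-42", "txn-1", "description", ct)
	fmt.Println("amount:", pt, "| same ciphertext read as description:", err)
}
```

Running it shows the amount decrypting in its own column but failing the tag check when read as the description. The same AAD binding is what makes a wrapped DEK unusable for any user other than the one it was generated for, and the only thing the KMS boundary ever returns is a DEK, never the KEK.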

3. Data in Transit

All communication between your browser and our servers uses TLS 1.2+ (HTTPS). API calls to third-party services (AI providers, bank connections, brokerage APIs, payment processing) are also encrypted in transit.

4. Authentication & Access Control

User authentication is managed by a dedicated identity provider with support for email/password and social login. All API requests are authenticated using short-lived tokens. We enforce the principle of least privilege — each component of the system has access only to the data it needs.

5. EU Data Storage & GDPR

All data is stored on EU-based servers. We comply with the General Data Protection Regulation (GDPR) and process your data only for purposes you have consented to. Your financial data is never sold, rented, or shared with third parties for marketing purposes. Where data is processed by third-party providers outside the EU, we ensure appropriate safeguards (Standard Contractual Clauses) are in place.

6. AI Processing

When you use AI-powered features (financial insights, document parsing, advisor chat), your data is sent to AI providers encrypted in transit. The data is:

  • Used solely to process your specific request
  • Never used to train AI models
  • Deleted by the provider after processing, per their data processing agreements

7. Bank Connections (PSD2)

Bank connections are facilitated through a licensed PSD2 Account Information Service Provider (AISP). When you connect a bank account:

  • Your bank credentials are entered directly on your bank's website — Finbloom never sees or stores your banking passwords
  • We receive read-only access to transaction history and balances
  • Access consent expires after 90 days; to keep the connection active you must explicitly re-authorize it with your bank
  • You can revoke access instantly at any time from your settings

8. Brokerage Connections

When you connect a brokerage account (e.g., Trading 212, Alpaca, Interactive Brokers):

  • OAuth tokens (access tokens, refresh tokens) and API keys are encrypted at rest using per-user encryption keys — the same envelope encryption used for all sensitive financial data
  • OAuth authorization uses cryptographic state tokens with a 10-minute expiry; the callback is accepted only if its state matches the flow your session started, which prevents cross-site request forgery against the connection step
  • Token refresh is handled server-side — brokerage credentials are never exposed to the browser
  • Brokerage connections are read-only — Finbloom cannot place trades or move funds
  • You can disconnect instantly by deleting the investment account, which permanently removes all stored credentials. Removing a token from our systems is not the same as revoking the grant at the brokerage, so to close it completely also remove Finbloom from your brokerage's connected-applications or API-key settings
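
The state check in the second bullet is the part that defends against cross-site request forgery, so here it is worked through as an added example in Go (standard library only; not Finbloom's code). It assumes a server-side store of outstanding states keyed by the random state value, which is one of two common designs (the other signs the state with an HMAC instead of storing it). The session and provider identifiers are constructed, and the clock is injectable so the 10-minute expiry can be exercised without waiting.

```go
package main

import (
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"sync"
	"time"
)

// StateTTL is the 10-minute lifetime the policy gives OAuth state tokens.
const StateTTL = 10 * time.Minute

// pendingAuth records who started an authorization and until when it is valid.
type pendingAuth struct {
	sessionID string // the logged-in session that began the flow
	provider  string // which brokerage the flow was started for
	expires   time.Time
}

// StateStore is a hypothetical server-side table of outstanding states.
// Now is a field so tests can move the clock instead of sleeping.
type StateStore struct {
	mu      sync.Mutex
	pending map[string]pendingAuth
	Now     func() time.Time
}

func NewStateStore() *StateStore {
	return &StateStore{pending: map[string]pendingAuth{}, Now: time.Now}
}

// Issue mints a 256-bit random state, binds it to the session and provider,
// and records its expiry. The value is unguessable, so it is the secret.
func (s *StateStore) Issue(sessionID, provider string) (string, error) {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	state := base64.RawURLEncoding.EncodeToString(raw)
	s.mu.Lock()
	defer s.mu.Unlock()
	s.pending[state] = pendingAuth{sessionID, provider, s.Now().Add(StateTTL)}
	return state, nil
}

// Redeem runs in the OAuth callback before the code is exchanged. It accepts a
// state only once, only before expiry, and only from the session that issued
// it; a callback an attacker crafted for someone else's session fails here.
func (s *StateStore) Redeem(state, sessionID, provider string) error {
	s.mu.Lock()
	defer s.mu.Unlock()
	p, ok := s.pending[state]
	if !ok {
		return errors.New("unknown state")
	}
	delete(s.pending, state) // consume first: a failed check must not leave it reusable
	switch {
	case s.Now().After(p.expires):
		return errors.New("state expired")
	case p.sessionID != sessionID:
		return errors.New("state belongs to a different session")
	case p.provider != provider:
		return errors.New("state was issued for a different provider")
	}
	return nil
}

func main() {
	store := NewStateStore()
	state, _ := store.Issue("sess-abc", "trading212") // sent as the state query parameter
	fmt.Println("first redeem:", store.Redeem(state, "sess-abc", "trading212"))
	fmt.Println("replay:", store.Redeem(state, "sess-abc", "trading212"))
}
```

Redeem consumes the state before evaluating any check, so a failed callback cannot be retried with a corrected session, and the expiry is enforced at redemption time rather than by a background sweeper; a production store would also purge expired entries so the table does not grow without bound.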

9. What We Encrypt

The following fields are encrypted at rest using per-user keys:

  • Transaction amounts and descriptions
  • Salary, income profiles, and savings goals
  • Loan balances, terms, and payment details
  • Investment account names, portfolio values, and position data
  • Insurance policy details and premiums
  • Lease and recurring expense amounts
  • Monthly record values (salary, savings balance, expenses)
  • Bank account names and balances (via bank connections)
  • Brokerage API keys, OAuth access tokens, refresh tokens, and session data

Non-sensitive fields (dates, categories, user preferences) are stored unencrypted to enable filtering and search functionality.

10. File Storage

Uploaded documents (investment statements, transaction exports, images) are stored in encrypted object storage. Files are accessible only via time-limited signed URLs generated on demand. File references in the database store only internal paths, never public URLs.
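
Time-limited signed URLs of the kind described above, as an added example in Go (standard library only, not Finbloom's code). The Endpoint value and the object path are constructed, and the secret is a fixed demo value that a real service would load from its secret store. The link carries the internal path, an expiry and an HMAC over both; the object store itself is never addressed by the client.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"net/url"
	"strconv"
	"time"
)

// URLSigner mints and checks time-limited download links. The secret stays on
// the server; clients only ever see the resulting URL, never the bucket.
type URLSigner struct {
	Secret   []byte
	Endpoint string           // hypothetical download route that serves signed requests
	Now      func() time.Time // injectable clock for deterministic tests
}

// mac authenticates the internal path together with the expiry so neither can
// be changed independently. The NUL separator keeps "a"+"1" distinct from "a1".
func (s *URLSigner) mac(path string, exp int64) string {
	m := hmac.New(sha256.New, s.Secret)
	m.Write([]byte(path))
	m.Write([]byte{0})
	m.Write([]byte(strconv.FormatInt(exp, 10)))
	return base64.RawURLEncoding.EncodeToString(m.Sum(nil))
}

// Sign turns an internal object path (the only thing the DB stores) into a
// link that is valid for ttl.
func (s *URLSigner) Sign(internalPath string, ttl time.Duration) string {
	exp := s.Now().Add(ttl).Unix()
	q := url.Values{}
	q.Set("path", internalPath)
	q.Set("exp", strconv.FormatInt(exp, 10))
	q.Set("sig", s.mac(internalPath, exp))
	return s.Endpoint + "?" + q.Encode()
}

// Verify checks a presented link and returns the internal path to serve.
// The signature is checked before the clock: an expiry that was not covered
// by the MAC cannot be trusted, so it is never consulted unsigned.
func (s *URLSigner) Verify(link string) (string, error) {
	u, err := url.Parse(link)
	if err != nil {
		return "", err
	}
	q := u.Query()
	exp, err := strconv.ParseInt(q.Get("exp"), 10, 64)
	if err != nil {
		return "", errors.New("missing or malformed exp")
	}
	path := q.Get("path")
	if !hmac.Equal([]byte(q.Get("sig")), []byte(s.mac(path, exp))) {
		return "", errors.New("bad signature")
	}
	if s.Now().Unix() > exp {
		return "", errors.New("link expired")
	}
	return path, nil
}

func main() {
	s := &URLSigner{Secret: []byte("constructed-demo-secret"), Endpoint: "https://app.example/files", Now: time.Now}
	link := s.Sign("users/42/statements/2026-03.pdf", 15*time.Minute)
	fmt.Println(link)
	path, err := s.Verify(link)
	fmt.Println("serve:", path, "err:", err)
}
```

hmac.Equal is a constant-time comparison, which matters because the signature is compared against an attacker-supplied value; a plain string comparison would leak how many leading bytes matched. Verify returns the internal path rather than a public object URL, which is the property the policy describes: the link grants access for a window, it does not reveal where the object lives.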

11. Your Rights

  • Delete your account and all associated data permanently at any time
  • Disconnect bank and brokerage connections instantly from your settings
  • Request an audit trail of how your data has been accessed
  • Withdraw consent for data processing at any time
  • Export your data in a portable format

For any data-related requests, contact us at support@quantizebg.com.

12. Incident Response

In the unlikely event of a data breach, we will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as GDPR Article 33 requires
  • Notify affected users without undue delay where the breach is likely to result in a high risk to their rights and freedoms, as GDPR Article 34 requires
  • Provide full transparency about what data was affected
  • Take immediate steps to contain and remediate the incident