Security & data handling

Where your data goes, and who checks it before it ships.

CPAs ask this before they sign anything — as they should. Here is the plain-English version, not a policy PDF. If a question isn't answered here, ask it directly.

01

AI runs API-only — nothing trains on your data

We call AI models through their standard business API. Under those terms, your data is not used to train models and is not retained by the AI provider beyond the request. It is not a chatbot with memory of your firm.

02

Identifiers are stripped or minimized before processing

Where a workflow allows it, client names, account numbers, and other direct identifiers are removed or masked before data is sent for AI processing. The system reconnects results back to the right record — not the AI step.

03

A human reviews before anything ships to a client

Every AI-touched output — a classified document, a drafted entry, a flagged exception — sits behind a review gate. Nothing reaches a client or a client-facing system without a person seeing it first.

04

Encrypted in transit and at rest

Data moving between your systems (QuickBooks, ShipStation, your CRM) and ours is encrypted in transit. Anything stored — logs, configuration, workflow state — is encrypted at rest.

05

NDA standard with every engagement

A mutual NDA is part of the standard engagement letter, signed before any system access is granted — not an add-on you have to request.

06

You own every deliverable and its documentation

Dashboards, scripts, workflow documentation, and runbooks belong to you. If you cancel or pause, you keep everything already built and the plain-English notes on how it runs.

The tie-out control

Human review is a checklist, not a vibe.

"A person looks at it" only means something if the same checklist runs every time. This is the reconciliation pass every AI-touched workflow goes through before it reaches production or a client.

Every AI-classified or AI-drafted item is flagged, never silently auto-applied

Source totals are compared against output totals before delivery

Exceptions and low-confidence items route to a person, not a client

A named human signs off before a workflow goes from test data to production data

Questions firms actually ask

Data handling, answered directly

Does the AI model ever see raw client financial data?

Only the fields a given workflow needs, and only through an API call with no training/retention on our data. Where identifiers can be stripped without breaking the workflow, they are.

What happens if the AI gets something wrong?

It gets caught at the human-review gate before it reaches a client or a production system. That gate is not optional — it is built into every workflow we ship, and it is documented in the handoff.

Do you sign an NDA before we give you system access?

Yes, standard for every engagement — it is part of the engagement letter, not a separate negotiation.

Who owns the dashboards and scripts once they are built?

You do. Full stop. If the engagement ends, you keep the deliverables, the source files, and the documentation.

Still have questions

Ask before you sign, not after.

Every engagement letter spells out data handling in writing. Happy to walk through it on a call first.