Trust & data safety

Your tax data, and why you can trust us with it

You’re handing SheltrIQ some of the most sensitive information you own — tax IDs, bank activity, property records. Here are straight answers to the questions landlords actually ask, in plain English. For the technical details, see our Security page.

Self-hosted AI AES-256-GCM encryption Database-level isolation Encrypted, tested backups Export & delete anytime
Who can see my data?

Only you. Isolation is enforced inside Postgres itself with Row-Level Security under a non-privileged database role — not just in application code that a bug could bypass. One landlord can never query another landlord’s properties, transactions, or documents.

Do you sell my data or share it with advertisers?

No. SheltrIQ makes money from subscriptions, not from your data. We don’t sell it, we don’t hand it to data brokers, and there are no advertising trackers pulling your financial activity out the side door.

Does my financial data get sent to OpenAI or another third-party AI?

No. Our expense classification runs on self-hosted, open-source models on our own servers — your transactions are never piped to an outside AI provider. And the AI never decides alone: classification is rules-first, with deterministic tax logic and your own corrections handling the clear cases, so the model only weighs in on genuinely ambiguous ones — always with a confidence score you can see and override.

Is my data encrypted?

Yes. Everything travels over TLS 1.2+ with HSTS. Your most sensitive fields — tax IDs (SSN/EIN), stored bank-connection credentials, and tenant-screening data — are additionally encrypted with AES-256-GCM before they touch the database, and the rest lives on encrypted disks. Card numbers never touch our servers at all — billing goes straight to Stripe (PCI DSS Level 1).

Can I get my data back out?

Any time. You can export your data — including the full classification audit log — whenever you want, so you’re never locked in and your accountant always has what they need.

What happens to my data if I cancel or ask you to delete it?

If you cancel, your data stays available for 30 days. If you ask us to delete your account, we permanently remove your personal, property, transaction, and document data within 30 days — after which it may persist only in encrypted backups for up to 7 more days before those are purged.

What happens if there’s ever a breach?

We build to prevent one — RLS isolation, encryption at rest, and error monitoring that scrubs authorization headers, cookies, and any SSN/EIN patterns before anything is recorded. And we prove our backups actually restore with an automated drill every week. If your data were ever exposed, we would tell you promptly and plainly. We won’t hide it.

Are you SOC 2 certified?

Not yet — a formal audit is on our roadmap, and we won’t claim a certification we don’t hold. Payment security is inherited from Stripe (PCI DSS Level 1). If a specific control matters to your decision, email us and we’ll tell you exactly where it stands.

How do I report a security problem?

Email [email protected] with the details and steps to reproduce. We’ll acknowledge it, keep you posted on the fix, and credit you if you’d like.