Trust
Security & Privacy
Last updated: April 13, 2026
You are trusting us with the most sensitive data you have. This page explains — specifically, not vaguely — how we protect it, what our staff can and cannot see, and the third parties that touch it.
Encryption
In transit. All traffic between your browser, our application, and our backend uses TLS 1.2 or higher. Insecure connections are refused.
At rest. Your database is encrypted with AES-256 on Supabase-managed infrastructure. Nightly backups are encrypted with the same standard.
Plaid access tokens. The credential that lets us sync your accounts is encrypted inside Supabase Vault (libsodium authenticated encryption) and never stored in plaintext in our application tables. Only a narrow service-role backend path can decrypt it, and only at the moment a sync runs.
Access controls
Row-level security. Our database enforces household-level isolation at the engine level. A signed-in user can only read their own household's data — not by convention, by database policy.
Staff access. No Bravisma Soft employee has standing access to your financial records. Production decryption paths require the service role, which is held only by server-side workers. When engineering needs to debug a specific issue, access is scoped, time-bound, and logged.
Audit logging. Administrative actions are recorded with actor, target, and timestamp. Decryption of Plaid tokens occurs only inside the backend worker path.
Authentication
Passwords. Hashed with Argon2id by Supabase Auth. We never see your password in plaintext.
Sessions. Short-lived access tokens plus rotating refresh tokens. Sessions can be revoked from your settings at any time.
Multi-factor authentication. Available for all accounts and recommended for every user.
What we do not do
We do not sell your data. Ever. Not aggregated, not anonymized, not “for research.”
We do not train AI models on your data. Your financial information is not used to train foundation models. AI providers we call (for the assistant feature) operate under zero-retention agreements where available.
We do not run ads. There is no advertising product and no ad tech embedded in the application.
We do not store bank credentials. Your bank username and password are entered directly with Plaid and never touch our servers.
Third parties that touch your data
Plaid
Reads account balances, transactions, holdings, and liabilities from your financial institutions on your explicit authorization. SOC 2 Type II certified. Plaid's policies.
Supabase
Hosts the database, authentication, and encrypted secrets (Vault) in AWS US East. SOC 2 Type II and HIPAA compliant. Supabase privacy.
Railway
Runs the backend worker processes. Data transits Railway but is not persisted there.
Vercel
Serves the web application. No financial data is cached at the edge.
Stripe
Processes subscription payments. We never see or store your card number. PCI DSS Level 1.
SendGrid
Delivers transactional email (account, invite, password reset). Transactional content only, no marketing drip.
Anthropic / OpenAI
Powers the AI assistant. Prompts containing your data are sent under zero-retention configurations where the provider supports it; not used for model training.
Scope of our access, in plain language
What Aurelius can see: your profile, your household's account balances and transactions (because we display them to you), your subscription status.
What Aurelius cannot see: your bank login, your payment card number, your password, the contents of your individual messaging platform chats outside of Aurelius.
What Aurelius staff sees day-to-day: nothing. Engineers work against test data. Customer support reads a household's data only when you open a support ticket and only under a logged elevation.
Data deletion
You can disconnect any bank connection at any time from Settings → Connections. You can delete your account from Settings → Privacy; we purge your financial records within 30 days and drop any Plaid connections immediately.
Incident response
We follow a documented incident response plan with on-call rotation. In the event of a confirmed data breach affecting your information, we will notify you within 72 hours and disclose the scope, the data involved, and the remediation steps taken.
Questions
Security questions, vulnerability reports, and data requests: security@aureliusfinance.us.
For the legal framework around what data we collect and why, see our Privacy Policy.