Data Security
We handle sensitive reconciliation data for storage portfolios managing thousands of tenants.
Here's how we protect it using bank grade protections.
Every client engagement begins with a mutual NDA before any financial data is shared. Your reconciliation data, tenant information, and bank transaction records are contractually protected. We do not share data between clients, and no competitor will ever see your portfolio's financial details.
All data is protected using bank-grade protections, including encrypted at rest using AES-256 and in transit using TLS 1.2+. Bank Account connections are established through Stripe Financial Connections, which is SOC 1 and SOC 2 Type II certified and uses the same security infrastructure relied upon by thousands of financial institutions. We do not store raw bank credentials — Stripe handles all authentication.
We follow a minimum-access model: every system connection uses the lowest level of permissions required for reconciliation. Stripe, SiteLink, and Storable integrations are read-only. We cannot initiate transfers, move funds, modify tenant records, or alter payment processing settings. Internally, access to client data is restricted to authorized personnel on a need-to-know basis.
Each client's data is logically isolated. No other operator, user, or client can query, view, or access your portfolio's financial records. Data from different clients is never commingled in processing or storage.
Reconciliation data is retained only for the period necessary to complete matching and produce reports. Upon request, we will permanently delete all stored data associated with your account. We will provide written confirmation of deletion.
Send us one month of bank, SiteLink, and Storable data for a single site. We'll return your first audit-grade reconciliation package within 48 hours — Summary, exceptions, running totals, and a final bank rec. No integration, no commitment.
Request your pilot reportOr email sales@reconciliational.com directly.