Is my data secure?

Yes. Your data is encrypted in transit and at rest and hosted in the EU. Your bank login is never stored and bank access is read-only. Invoflux reads only what it needs from Google and never sends email as you. Your invoice files stay in your own cloud, and you can export or delete your data anytime.

Written By Sergiu Biris

Last updated 10 days ago

Your data security is something we take seriously. Here is the short version, with links to the details.

The essentials

  • Encrypted everywhere. Your data is encrypted in transit (HTTPS) and at rest, and it is hosted in the EU.
  • Your bank login is never stored. Bank connections are read-only and use 256-bit encryption through a licensed, EU-regulated open banking provider. See How your bank connection is protected.
  • Minimum access to Google. Invoflux reads only what it needs to find invoices, never sends email from your account, and never reads or changes unrelated files in your Drive. See What Invoflux can access in your Google account.
  • Your files stay yours. Invoices are mirrored into your own cloud storage, which you control. See Where your data is stored and who can see it.
  • You control access. Team members get only the access their role allows, and your accountant is read-only. See Where your data is stored and who can see it.
  • Your data, your choice. You can export or delete your data at any time, in line with GDPR. See Your privacy and GDPR rights.

Independently assessed

Invoflux is Google CASA Tier 2 certified, and we run regular independent security testing. See Our security practices.

Result

Whatever you do in Invoflux, your invoices, bank data, and account are protected by encryption, least-privilege access, and EU hosting, and you stay in control of your data.

  • How your bank connection is protected
  • What Invoflux can access in your Google account
  • Your privacy and GDPR rights