Trust & security

How we keep your data safe.

Swippee processes financial documents. We treat that seriously. Here are the specific practices, the sub-processors we use, and the controls in place.

Encryption

  • All traffic is TLS-encrypted in transit (TLS 1.2+, modern cipher suites only).
  • Storage is encrypted at rest by our infrastructure providers (AES-256, managed keys).

No AI touches your data

Your statements are never sent to any large language model or third-party AI service. Parsing runs on our own code, and your financial data is never used to train, fine-tune, or prompt an AI system.

API keys & sessions

  • API keys are stored as SHA-256 hashes. The plaintext is shown once at creation; we cannot recover lost keys.
  • Dashboard sessions use hardened, signed cookies with rotating server secrets.
  • Privileged internal access is separated from customer sign-in, behind stricter authentication and shorter sessions.

Retention

  • Raw statement files — deleted within 24 hours of processing by default. Scale-tier customers can configure "delete immediately after parse."
  • Structured JSON results — retained for the lifetime of the originating customer organization so they can re-fetch via the API. Deleted on request.
  • API metadata / usage events — retained ~24 months for billing and abuse-prevention.

Audit logging

Every meaningful action on the platform (key created / revoked, webhook added / disabled, plan changed, contribution decided) is recorded with IP address, user agent, and timestamp. Customers can pull their own organization's audit trail.

Sub-processors

To run the service we rely on a small set of vetted, industry-standard infrastructure providers — covering application hosting and CDN, a managed database, encrypted object storage, background processing, transactional email, and NPR payment processing. Each is bound by data-processing terms equivalent to the commitments we make to you, and statement files are encrypted in transit and at rest.

We keep the specific provider names internal to limit our attack surface. Enterprise customers can request the current named sub-processor list and hosting regions under our Data Processing Agreement — email hello@swippee.com.

Internal access controls

  • Access to production is least-privilege — granted only to staff who need it, under an internal access-control policy.
  • Any privileged action is recorded in an audit trail tied to the staff member's identity.
  • No staff member can read raw statement files without going through a logged process.

Vulnerability reporting

If you find a security issue, please email hello@swippee.com. We acknowledge within 48 hours and prioritize fixes for issues that could affect customer data.

Regulatory standing

Swippee is a document-parsing service. We are not a bank, payment company, or licensed financial institution in Nepal. Our structure is intentionally outside NRB's PSO/PSP licensing perimeter. Final legal opinion in progress.