Security
Encryption at Rest
All your data — including receipts, emails, attachments, and database records — is encrypted when stored. We use 256-bit AES encryption for our database, and server-side encryption (SSE-S3) for all files stored in our cloud infrastructure. This means even if someone were to gain physical access to our servers, your data would remain unreadable without the encryption keys.
Encryption in Transit
Every piece of data moving between your device and our servers is protected by TLS 1.2 encryption — the same standard used by major banks and financial institutions. We enforce secure connections on all our services, and explicitly deny any requests that do not use SSL/TLS. Your receipts, personal information, and account details are never transmitted in plain text.
Access Controls
We follow the principle of least privilege — only authorized personnel who need access to perform their duties can access our systems. Our database is accessible only via private network connections using Azure Private Link, completely removing it from the public internet. Our file storage has public access blocked at the account level, preventing any accidental exposure of data.
Monitoring and Logging
We continuously monitor our infrastructure for unauthorized access attempts and unusual activity. Every API call and data access event is tracked and logged. This allows us to detect and respond to potential security incidents quickly and maintain a complete audit trail of all system activity.
Our Commitment
We understand that you're trusting us with your financial information. That trust is something we take seriously. Our security measures are designed to meet and exceed industry standards for data protection, and we continuously review and improve our security practices as technology evolves.
If you have any security concerns or questions, please contact us at [email protected].
© 2026 Yubilly Receipt Services Inc. All rights reserved.