Encryption

In Transit

All file uploads and downloads use HTTPS/TLS 1.3 encryption. Your PDFs and Excel files are encrypted before they leave your browser and remain encrypted throughout transmission.

At Rest

Files stored temporarily during processing are encrypted with AES-256 within isolated storage containers.

Each processing job operates in its own secure environment with no shared memory or file paths.

Auto-Delete Policy

We retain files only as long as necessary to complete processing or allow re-downloads.

  • Free Tier: Files deleted immediately after download
  • Professional Tier: Files retained for 24 hours for re-download, then permanently deleted
  • Enterprise Tier: Custom retention policies available (7–30 days)

Once deleted, files are unrecoverable, even by our internal team.

No backups or archives are maintained.

No Training on Your Data

Your financial data is never used for model training or third-party research.

DealSheets.ai relies on deterministic parsing and validation methods, not probabilistic language models, to ensure zero hallucination and complete data privacy.

Private Processing Queues

Each uploaded file is processed in a dedicated, isolated environment.

  • No cross-contamination between users or organizations
  • Dedicated processing queues for paid tiers
  • Memory cleared automatically after each job completes

All automation runs under controlled service accounts with minimal privileges.

Access Controls

We believe in strict data isolation and least-privilege access.

Role            Access Level
You             Full access to your uploaded and generated files
Our Systems     Automated processing only, no human access
Our Team        No access unless you explicitly request support through the contact form
Third Parties   Zero access — we do not share, sell, or transfer your files

Infrastructure Security

DealSheets.ai operates on enterprise-grade infrastructure with layered protection.

  • Servers hosted in SOC 2–compliant data centers
  • Regular security audits and penetration testing
  • Automated vulnerability scanning and patch management
  • Built-in DDoS protection and rate limiting
  • Continuous activity logging and security monitoring

Compliance

We design with data protection regulations in mind.

  • GDPR: Compliant with EU data protection principles (right to delete, data portability)
  • CCPA: Compliant with California Consumer Privacy Act requirements
  • SOC 2 Type II: Certification process in progress, expected Q2 2026

Enterprise customers may request documentation under NDA.

Reporting a Security Issue

If you discover a potential security vulnerability, please report it responsibly.

To submit a report, use the contact form and select Security Issue as your message type.

Your submission will be routed directly to our internal security team.

We typically respond within 24 hours and work promptly to validate and address reported issues.

Transparency

We believe security is built on trust and openness.

Enterprise clients can request additional documentation, including:

  • Security questionnaires
  • Infrastructure and architecture diagrams (under NDA)
  • Redacted penetration test summaries

Use the contact form and mention Enterprise Security Documentation in your message to request these materials.