Security & Compliance

Your books deserve bank-grade security

UK-hosted infrastructure. AES-256 encryption at rest, TLS 1.3 in transit. GDPR-native, with a privacy-first architecture that minimises what we collect in the first place.

Encryption at rest

AES-256 encryption applied to documents, database backups and object storage.

UK-hosted

Data lives in UK and EU data centres. No transfer to non-adequate jurisdictions.

TLS 1.3 in transit

Every connection — browser, API, integrations — encrypted with modern TLS.

Audit logging

Every change to a document or invoice is logged with user, timestamp and before/after.

Role-based access

Owner, manager, staff and read-only roles. Per-business permissions for practices.

GDPR-compliant

Right to access, rectification, deletion. Data minimisation built in. UK GDPR-aligned.

reCAPTCHA on forms

All public forms protected by Google reCAPTCHA v3 to block automated abuse.

Email-based auth

No credentials shared with third parties. Xero SSO available for one-click sign-in.

Daily backups

Database backed up daily with 30-day retention. Object storage versioned.

What we do — and don't do — with your data

We do

  • ✓ Process your documents to extract bookkeeping data
  • ✓ Use AI providers (Mistral, OpenAI) under enterprise data agreements that prohibit training on your content
  • ✓ Encrypt every byte at rest and in transit
  • ✓ Allow you to export everything and delete on request

We don't

  • ✗ Sell your data — ever
  • ✗ Use your documents to train any AI models
  • ✗ Show ads or share data with advertisers
  • ✗ Track you across the web

Ready to switch to a more secure platform?

UK-hosted. GDPR-compliant. Privacy-first by design.

