Security at PaperNudge
Your clients trust you with their financial documents. You need to know we treat that trust the same way you do. This page explains exactly how PaperNudge stores, transmits, and isolates the documents your clients upload.
Encryption
- In transit: Every request between your browser, your clients' browsers, and our servers is encrypted with TLS 1.3. Plain HTTP is rejected at the edge.
- At rest: Uploaded documents are stored in encrypted object storage. Database fields and backups are encrypted with AES-256.
- Signed download links: Files are never publicly accessible. Every download is gated by a short-lived signed URL (expires in 1 hour) that only the authenticated firm or the specific upload-link holder can request.
Data isolation between firms
Multi-tenant data isolation is the single most important guarantee a tool like this can make. PaperNudge enforces it at the database level using PostgreSQL Row Level Security (RLS).
- Every record (firms, clients, engagements, documents, follow-ups, intake responses, notifications) carries a firm_id.
- Every database query is filtered by RLS policies tied to your authenticated session. There is no application code path that can read another firm's data, even by accident.
- The storage bucket holding uploaded files is private. Path namespaces are scoped per firm and per engagement.
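To show what the firm_id-scoped RLS guarantee above looks like in practice, here is an added illustration (not PaperNudge's own schema or policy) of a policy on a documents table, including the FORCE and WITH CHECK details that stop the table owner or a buggy write from slipping past it. The app.current_firm_id session setting, the app_user role, and the two firm UUIDs are assumptions constructed for the example.

```sql
-- Added illustration; not PaperNudge's actual schema or policy.
-- Assumes the application sets app.current_firm_id (hypothetical) from the
-- authenticated session before running any query.
CREATE TABLE documents (
  id        uuid PRIMARY KEY DEFAULT gen_random_uuid(),
  firm_id   uuid NOT NULL,
  file_path text NOT NULL
);

-- Seed two constructed firms before RLS is switched on.
INSERT INTO documents (firm_id, file_path) VALUES
  ('11111111-1111-4111-8111-111111111111', 'firm-a/engagement-1/w2.pdf'),
  ('22222222-2222-4222-8222-222222222222', 'firm-b/engagement-7/1099.pdf');

-- ENABLE turns RLS on; FORCE applies it to the table owner as well
-- (superusers still bypass RLS, so the app must not connect as one).
ALTER TABLE documents ENABLE ROW LEVEL SECURITY;
ALTER TABLE documents FORCE ROW LEVEL SECURITY;

-- NULLIF handles a never-set or RESET setting: an empty string would fail the
-- uuid cast, while NULL makes the comparison NULL, which RLS treats as false.
-- Result: no session context means no rows, i.e. the policy fails closed.
CREATE POLICY firm_isolation ON documents
  FOR ALL
  USING (
    firm_id = NULLIF(current_setting('app.current_firm_id', true), '')::uuid
  )
  WITH CHECK (
    firm_id = NULLIF(current_setting('app.current_firm_id', true), '')::uuid
  );

-- The application role is neither the owner nor BYPASSRLS, so policies apply.
CREATE ROLE app_user NOLOGIN;
GRANT SELECT, INSERT, UPDATE, DELETE ON documents TO app_user;

-- Walkthrough as firm A: the SELECT cannot see firm B's row.
SET ROLE app_user;
SET app.current_firm_id = '11111111-1111-4111-8111-111111111111';
SELECT file_path FROM documents;

-- WITH CHECK rejects this INSERT, because the row belongs to firm B while the
-- session is firm A; without WITH CHECK a USING-only policy would allow it.
INSERT INTO documents (firm_id, file_path)
  VALUES ('22222222-2222-4222-8222-222222222222', 'firm-b/injected.pdf');

-- With no firm in the session, the same SELECT matches nothing.
RESET app.current_firm_id;
SELECT count(*) FROM documents;
RESET ROLE;
```

Run it in psql against a scratch database as a non-superuser owner to see the INSERT fail and the final count come back empty.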
Client upload links
Your clients do not log in. They receive a unique upload link tied to a single token.
- Tokens are UUID v4. Unguessable.
- Every link expires automatically after 90 days. You can rotate or revoke a token at any time.
- If you archive a client, their upload link is deactivated immediately.
- Files uploaded through the link go directly from the client's browser to private encrypted storage. They never pass through a third-party service uninspected.
AI document classification
PaperNudge uses an AI service to read each document and label it (W-2, 1099, bank statement, etc.). This is the only purpose for which document content is sent outside our infrastructure.
- Provider: Anthropic, PBC. US-based.
- Documents are transmitted over encrypted connections.
- Anthropic does not train models on commercial API traffic. Their no-training contractual guarantee covers all PaperNudge requests.
- Documents are not retained by the provider beyond the brief processing window.
- If we ever change AI providers, our Privacy Policy and this page are updated before the change takes effect.
Authentication
- Email and password only. Passwords are hashed with bcrypt.
- Email verification is required before you can access the dashboard.
- Sessions are stored in HttpOnly, Secure, SameSite cookies.
- Password reset links expire in 1 hour.
Infrastructure
- Hosting: Vercel (US regions). SOC 2 Type 2 certified.
- Database and storage: Supabase (US regions). SOC 2 Type 2 certified, HIPAA-eligible infrastructure.
- Email: Resend, with verified SPF/DKIM/DMARC for the papernudge.com domain.
- Payments: Stripe. PaperNudge never sees card numbers; Stripe handles PCI DSS compliance.
SOC 2 Type 2 certification of the PaperNudge application layer itself is on the roadmap. The underlying platforms (Vercel, Supabase, Stripe, Resend) are each independently certified today.
Data deletion
You can delete your account at any time from Settings. Deletion is permanent and immediate: every client record, every uploaded document, and the entire follow-up history are removed from the database, and every file is removed from object storage. Your Stripe subscription is cancelled in the same flow.
Reporting a security issue
If you believe you have found a vulnerability or a misconfiguration, please email hello@papernudge.com with the subject "Security". We will acknowledge within 24 hours.