Security at Basis

Your financial data is sensitive. We built Basis with security at every layer — from how we store your data to how we connect to your bank.

Built on SOC 2-certified infrastructure

Data Minimization

We only store the last four digits of account numbers — never full numbers, even if they appear on uploaded statements. We collect the minimum data necessary to provide expense tracking and reporting services.

Bank Connections

Bank credentials are handled entirely by Teller, a certified and trusted bank data provider. Your login credentials never touch our servers. Basis has read-only access only — we can never move money or modify your accounts.

Encryption

All data is encrypted in transit using TLS and encrypted at rest. Your financial information is protected at every stage — whether it's being transmitted to our servers or stored in our database.

Authentication

Your password is never stored directly by Basis. Authentication is handled by a certified provider that uses industry-standard hashing and security practices. We support secure session management to keep your account protected.

Infrastructure

Basis is hosted on SOC 2-certified cloud infrastructure. Our hosting providers undergo regular independent audits to verify their security controls meet rigorous industry standards.

Your Rights

You can export your data at any time in standard formats (CSV, PDF). If you'd like your account and all associated data deleted, contact us and we'll process your request promptly. Your data belongs to you.

Questions about security?

If you have questions about how we protect your data, contact us at security@getbasis.io. You can also review our Privacy Policy for details on how we collect and use your information.