Your data, protected
RemindLedger™ is financial operations software built on bank-verified data, not a financial institution. We protect collections, payment matching, contract, and cash workflow data with read-only access and strict storage limits.
What RemindLedger never stores
Bank login credentials
No usernames, passwords, PINs, or any banking credentials. Ever.
Account balances
We do not store your online banking credentials or use your connection to initiate transfers.
Full bank statements
We do not retain full statements indefinitely. We use only the transaction data needed for reconciliation and audit history.
Raw email content
Email bodies are discarded after parsing. Only structured fields (amount, sender, date) are retained.
What we do store
Structured payment data — transaction details from verified bank connections: sender name, amount, date, time, memo, and account metadata needed to match payments to invoices.
Invoice records — the open invoices you create or import, along with their status (unpaid, matched, exported).
Account information — your business name, email address, and billing information for your subscription. Standard SaaS account data.
TLS encryption in transit
All data transmitted between your browser, email parser, and our servers is encrypted with TLS.
Encrypted at rest
Stored data is encrypted at rest with enterprise-grade encryption. Physical server access does not expose data in plaintext.
Immutable audit logs
Every operation is logged with a timestamp. Complete traceability for security review and fraud prevention.
NAICS 518210 — Data Processing, Not Finance
RemindLedger is classified under NAICS 518210 (Data Processing and Hosting). That means we process workflow and reconciliation data, not funds:
What RemindLedger IS
- Financial operations platform
- Data processing service
- Bank-verified workflow engine
What RemindLedger is NOT
- A debt collector (FDCPA n/a)
- A financial institution
- A payment processor
RemindLedger does not transmit, hold, or facilitate the transfer of funds. All financial transactions occur directly between your customers and their banks.
Regulatory references
- GLBA — Gramm-Leach-Bliley Act (Safeguards Rule)
- CCPA / CPRA — California Privacy
- PIPEDA — Personal Information Protection (Canada)
- NACHA Operating Rules (ACH handling)
- FTC 16 CFR Part 255 (referrals disclosure)
Security controls
- SOC 2 Type II — working towards certification (2026 roadmap)
- PCI-DSS — inherited via Stripe Level 1 upstream (we never store PAN)
- AES-256 encryption at rest, TLS 1.3 in transit
- bcrypt password hashing, role-based access
- Hash-chained immutable ledger — every financial write signed into the journal
- Documented incident response
- Regular penetration testing
RemindLedger Inc. is operated from Wilmington, Delaware. Security and privacy questions: [email protected].
Platform technical guarantees
RemindLedger builds with auditable primitives. These defenses are live in production today:
Security FAQ
Does RemindLedger store my bank login?
No. RemindLedger never asks for or stores online banking usernames or passwords. Bank connections stay read-only throughout the reconciliation workflow.
What happens to emails after they're processed?
The raw email body is discarded after the structured fields are extracted. We retain only: sender name, amount, date, and reference. Nothing else.
Is my dedicated inbox secure?
Yes. Your dedicated inbox is receive-only. It cannot send emails. Access is restricted to the RemindLedger parser. All communication is encrypted with TLS.
Can I delete my data?
Yes. Contact [email protected] with your deletion request. We'll respond within 30 days.