Loading account

SECURITY

We are built to hold as little of your sensitive data as possible.

This page describes what ResidencyIQ does today, plainly, including where our security program is still incomplete. Where something is on the roadmap rather than live, we say so.

The pointer + fingerprint model

Your documents can stay where they already are: your Google Drive, your Dropbox, your CPA’s office. Instead of taking custody of the file, ResidencyIQ can store a reference to where it lives and a cryptographic fingerprint (SHA-256) of the details you provide about it.

Live today

Reference-level fingerprinting.

When you log a document by reference (its storage provider, location, and the details you enter about it) instead of uploading it, we compute a SHA-256 fingerprint of that reference record and timestamp it. This proves what you asserted, and when, without our ever holding the file.

On the roadmap, not live yet

Content-level fingerprinting.

Fingerprinting the actual bytes of a file you link from Google Drive or Dropbox, so we can prove the document’s content itself hasn’t changed and not just that you referenced it, requires a direct integration (Drive Picker, Dropbox API) we have not shipped yet. Until it ships, treat today’s fingerprint as evidence of what was asserted and when, not as proof the linked file’s contents are unaltered.

Tamper-evidence

A fingerprint is only as trustworthy as the clock it’s attached to. If the only record of when a fingerprint was created lives in our own database, you’re trusting us not to have altered it. That’s a real limitation, and we’d rather name it than gloss over it.

Live today

Fingerprint + timestamp, in our system of record.

Every evidence fingerprint is stored with a creation timestamp in our production database, protected by the access controls and encryption described below.

Live today

Independent, blockchain-anchored timestamping.

Nightly, we aggregate new evidence fingerprints into a Merkle tree and anchor the resulting root to two independent timestamp services: OpenTimestamps (blockchain-anchored) and an RFC 3161 timestamp authority. Neither we nor you can silently backdate or alter a record after that point. Every year-end report includes a verification link, so anyone, including your CPA or an auditor, can check it independently.

Infrastructure and Vendors

What we run on, and who we trust it to.

Encryption in transit

All traffic to residencyiq.app is served over TLS.

Encryption at rest

Application data is stored in a managed Postgres database (Render) with encryption at rest.

Authentication

Clerk, a SOC 2 Type II–audited identity provider. We do not store your password.

Payments

Stripe, a PCI-DSS Level 1 certified payment processor. We never see or store your full card number.

Hosting

Render.

Bank connections (planned, not yet live)

When available, bank and card transaction data will connect read-only through Plaid’s standard token-exchange flow. We will never receive or store your banking credentials.

Compliance Roadmap

Where we stand, without the badges we haven’t earned.

SOC 2

Not started

We have not engaged an auditor and have no SOC 2 report today. A formal audit is on our roadmap as ResidencyIQ scales past early access; we will update this page the day that changes, not before.

FTC Safeguards Rule

Self-assessed program

We are not a financial institution, but we design our administrative, technical, and physical safeguards to align with the Safeguards Rule’s risk-based standard. This is a self-assessment, not a third-party certification.

CCPA / CPRA sensitive data rights

Live today

Precise geolocation is treated as Sensitive Personal Information for every user, with a working Limit-the-Use request path.

Read the full CCPA sensitive-data section in our Privacy Policy →

Your data, on your terms

Export your evidence and records from your workspace at any time. If you cancel your subscription, you have 90 days to complete an export before evidence records become subject to deletion under our retention schedule.

You can also request deletion of your evidence records earlier than our standard retention period. We’ll walk you through the consequences first: deleted evidence can’t be reconstructed if a state later audits a tax year that record would have supported, so we’ll ask you to confirm you understand before we proceed.

Read our full retention and deletion policy →

Found a security issue?

If you believe you’ve found a vulnerability in ResidencyIQ, please report it to us directly before disclosing it publicly. We will acknowledge your report and work with you in good faith to understand and address it.

security@residencyiq.app

Disclaimer

ResidencyIQ is not a law firm, CPA firm, or tax advisor, and this page is not a security certification, audit report, or legal representation. It describes our current practices as of the date this page was last updated and will be revised as our infrastructure and compliance program change.