Security at Rollover Analysis Tool

We collect minimal client PII by design — just name, employer, and account value. Even that limited data is encrypted before it ever reaches our database. If someone gained unauthorized access to storage, the data would be unreadable.

• AES-256 encryption applied at the application layer before database storage
• Unique encryption key generated per operation
• All connections encrypted in transit with TLS 1.2+
• HTTPS enforced on every request via HSTS with preload
• Passwords hashed with bcrypt — never stored in plaintext
• Fail-closed design: the platform refuses to store data if encryption is misconfigured

Only you and authorized members of your team can access your data. We enforce this at every layer.

• Multi-factor authentication (MFA) available on all accounts via authenticator app
• Every API endpoint requires authentication by default — new endpoints are locked down automatically
• Role-based permissions for manager and team member accounts
• Single active session enforcement on individual plans to prevent unauthorized sharing
• Failed login attempts are logged and monitored

Every meaningful action in the platform is logged. If you ever need to demonstrate to a regulator what happened and when, the records are there.

• Authentication events, analysis creation/edits, PDF generation, and settings changes are all logged
• Each log entry records user, timestamp, IP address, and action type
• Audit events tagged with compliance categories aligned to SOC 2 Trust Services Criteria
• SOC 2 Type 1 In Progress — Certification currently underway
• Reports designed to support your PTE 2020-02 recordkeeping obligations

We never see or store your credit card information. All payment processing is handled by Stripe, one of the most widely trusted payment platforms in the world.

• All billing handled by Stripe — card numbers never touch our servers
• Webhook signatures verified using constant-time comparison
• Payment amounts validated and monitored for anomalies
• Rate limiting on billing operations to prevent abuse

We only collect the bare minimum needed to run a rollover analysis. The only client PII we store is their name, their employer (or former employer), and account value. No Social Security numbers, no dates of birth, no account numbers. And what we do collect belongs to you — not us.

• No SSNs, dates of birth, or account numbers collected — ever
• Client PII limited to name, employer, and account value
• We never sell or share client data with third parties
• Export or delete your data at any time
• Automated data retention and deletion policies
• Full account and data deletion available on request

We run on modern cloud infrastructure with automated monitoring and security scanning.

• Hosted on AWS
• Security headers on every response (Content Security Policy, clickjacking protection, MIME sniffing prevention)
• Rate limiting applied to all routes
• Automated dependency vulnerability scanning on every code change and on a weekly schedule
• Secrets scanning to prevent accidental credential exposure
• Application error monitoring for rapid incident response