Security

Last revised Aug 5, 2014

It's your financial data, so I'm handling it with care. I've taken reasonable step to protect your data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction.

However, no internet or email transmission is ever fully secure or error free. In particular, email sent to or from FirstOfficer.io may not be secure. Therefore, you should take special care in deciding what information you send via email.

Also please note that FirstOfficer.io may send you email reports with financial information. If you are worried about their security, you can opt out from receiving those reports.

Secure connections

Secure SSL connections are always used, also when any data is transferred between servers in the background.

Credit card numbers

Your credit card number never hits our servers. It's securely submitted to Stripe to achieve PCI compliance. More information in Stripe security page

Physical security

The service is hosted at Heroku, who hosts their service at Amazon data centers. We also use monitoring tools, so that the service should always have up-to-date infrastructure and patches. More information in Heroku security page.

Data Security

All passwords and third party API tokens are stored encrypted. In case a breach should happen, an attacker cannot easily use your FirstOfficer account or access your Stripe account.

Ask questions or report indicents

Please email to support@firstofficer.io