Security

Security at FineData

We take the security of your data and our infrastructure seriously. Here's how we protect your information.

Infrastructure Security

  • All data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Infrastructure hosted on AWS with SOC 2 compliance
  • Network isolation with VPC and strict firewall rules
  • Regular security audits and penetration testing

Data Protection

  • We do not store scraped content — data is streamed directly to you
  • API keys are hashed and never stored in plaintext
  • GDPR compliant with data processing agreements available
  • Minimal data retention — logs retained for 30 days only

Access Control

  • Role-based access control (RBAC) for team accounts
  • API key scoping and rate limiting per key
  • Audit logs for all API access and account changes

Responsible Disclosure

If you discover a security vulnerability, please report it responsibly. We appreciate the security research community and will acknowledge your contribution.

Report vulnerabilities to security@finedata.ai. We aim to acknowledge reports within 24 hours and provide a resolution timeline within 72 hours.