Security

Bank statements are sensitive documents. This page describes exactly how we handle them — no vague "bank-grade" claims, just what actually happens to your files.

Encryption in transit and at rest

All traffic to seabankocr.com uses TLS (HTTPS). Uploaded files and extracted data are stored encrypted at rest by our infrastructure providers.

Private file storage

Uploaded PDFs go into private storage. They are not publicly accessible and are only served back to the account that uploaded them.

Automatic PDF deletion

Uploaded PDFs are automatically deleted within 1 hour after processing completes, or within 24 hours if processing does not complete. Extracted transaction rows remain in your account until you delete them or close your account — so you can re-export without re-uploading.

Access controls

Every processing job is tied to the account that created it, and job data is only accessible to that account. Administrative access is limited to designated operator accounts.

Payments handled by Stripe

All payments are processed by Stripe. Your card number never touches our servers and we do not store any payment card details.

What we do not claim

We are a small, independent product. We do not currently hold SOC 2 or ISO 27001 certification, and we won't claim badges we haven't earned. This page lists exactly what we do — if you need something specific for a vendor review, ask us through the support form.

Found a vulnerability?

If you believe you've found a security issue, please report it through the support form with "Security" in the subject. We read every report.