Data & Security
We take your data seriously. Here's exactly how we protect it.
🔐 Encryption
Your bank details (sort code and account number) are encrypted with AES-256 — the same standard used by banks and governments worldwide. They are never stored in plain text. Even if someone accessed our database, your bank details would be unreadable.
💳 Payments
All payments are processed by Stripe — one of the world's most trusted payment providers. FlashBill never sees or stores your card details. Stripe is PCI DSS Level 1 certified.
🌍 Where is my data stored?
Your data is stored on secure servers in Europe, compliant with UK GDPR. We use Railway.app for hosting — an infrastructure provider with enterprise-grade security.
🔒 Account Security
- All connections encrypted via HTTPS/SSL
- Two-factor authentication (2FA) available
- Magic link login — no password required
- Rate limiting to prevent brute force attacks
- Session cookies: Secure, HttpOnly, SameSite
📋 Your rights
Under UK GDPR, you have the right to access, export, and delete your data at any time. You can delete your account from Settings → Danger Zone. All personal data is permanently removed within 30 days.
📧 We will never
- Sell your data to third parties
- Show you ads
- Share your invoices with anyone
- Access your account without your permission
Questions about your data?
Contact Us →