Security at Savrr
Security at Savrr
We follow industry best practices to develop and deliver our product securely.
We follow industry best practices to develop and deliver our product securely.
Data Privacy Philosophy
Data Privacy Philosophy
Savrr is built on a privacy-first foundation:
We never hold or move your money - your funds stay in your bank
Your balances are private - only progress is shared
You control what is shared and who sees it
Financial data is never publicly visible
We collect only the data needed to power your experience
Savrr is built on a privacy-first foundation:
We never hold or move your money - your funds stay in your bank
Your balances are private - only progress is shared
You control what is shared and who sees it
Financial data is never publicly visible
We collect only the data needed to power your experience
Savrr is built on a privacy first architecture.
No custody of funds: Savrr does not hold, move or store user money.
No exposure of financial balances in social features: Users share progress only (Not dollar amounts).
User-controlled data sharing: Users explicitly control what is shared and with whom.
Financial data is never publicly visible.
Data minimization: Only essential data is collected to deliver core functionality
Infrastructure & Compliance
Infrastructure & Compliance
All Savrr infrastructure runs on highly fault-tolerant systems on Fly, which is SOC2 Type 2 compliant. It isolates all application hardware, encrypts all applications and data by default, and undergoes aggressive penetration testing.
Banking information is entirely managed by a fully certified and secure vendor, Plaid.
All Savrr infrastructure runs on highly fault-tolerant systems on Fly, which is SOC2 Type 2 compliant. It isolates all application hardware, encrypts all applications and data by default, and undergoes aggressive penetration testing.
Banking information is entirely managed by a fully certified and secure vendor, Plaid.
All Savrr infrastructure runs on highly fault-tolerant systems on Fly, which is SOC2 Type 2 compliant. It isolates all application hardware, encrypts all applications and data by default, and undergoes aggressive penetration testing.
Banking information is entirely managed by a fully certified and secure vendor, Plaid.
Data Security & Privacy
Data Security & Privacy
All data in rest and transit is encrypted using strong ciphers.
All passwords are hashed using Bcrypt.
All secrets are stored securely and never in source code.
We implement strict permission policies in the application so user data is not exposed or shared with other users without authorization.
All data in rest and transit is encrypted using strong ciphers.
All passwords are hashed using Bcrypt.
All secrets are stored securely and never in source code.
We implement strict permission policies in the application so user data is not exposed or shared with other users without authorization.
Application & System Security
Application & System Security
We follow industry best practices to develop and deliver our product securely.
We regularly update our servers, tools, libraries, etc., and have automated systems in place to detect outdated dependencies.
We employ security tools to scan for vulnerabilities and other issues, and patch them as they are discovered.
Access to our infrastructure and related services requires SSH and two-factor authentication when possible.
We follow industry best practices to develop and deliver our product securely.
We regularly update our servers, tools, libraries, etc., and have automated systems in place to detect outdated dependencies.
We employ security tools to scan for vulnerabilities and other issues, and patch them as they are discovered.
Access to our infrastructure and related services requires SSH and two-factor authentication when possible.
Reliability & Monitoring
Reliability & Monitoring
We make daily backups of application data with support for incremental PITR backups for the database.
All app issues are logged and monitored by reliable 3rd party services.
We make daily backups of application data with support for incremental PITR backups for the database.
All app issues are logged and monitored by reliable 3rd party services.
savrr
savrr
savrr