Last updated: June 2026
FixMy.Money takes the security of your data and your clients' data seriously. Below is an overview of the security measures we have in place.
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption. This applies to all client data, documents, and account information stored on the platform.
FixMy.Money is built on Supabase, which runs on enterprise-grade cloud infrastructure with SOC 2 compliance, automated backups, and high availability architecture.
Role-based access controls ensure that team members only access the data they need. Each workspace is fully isolated — your client data is never accessible to other organizations.
All significant actions on the platform are logged with timestamps and user attribution. Audit trails support your compliance documentation and internal review processes.
All payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor. FixMy.Money never stores raw credit card numbers or sensitive payment data.
Secure authentication with email verification, session management, and support for strong passwords. We recommend enabling two-factor authentication for all team accounts.
Responsible Disclosure
If you discover a security vulnerability in FixMy.Money, please report it responsibly to security@fixmy.money. We take all security reports seriously and will respond promptly.
Related: Privacy Policy · Compliance Information · Contact Support