How Zensus handles your financial data

You connect Plaid, QuickBooks, or HubSpot through OAuth. Those providers hold the credentials. Zensus receives scoped OAuth tokens, pulls the data we are authorized to read, and stores only what we need to compute your runway. Data moves over TLS. At rest, it lives on encrypted AWS infrastructure.

• OAuth tokens for each connected provider, encrypted at rest with AES-256-GCM.
• Transactions and balances within the sync window required to project your runway.
• Scenario chat history for your account only.
• Derived runway projections and alert state.

• Bank or QuickBooks passwords. Plaid and Intuit hold those.
• Payment card details.
• Raw transactions outside the sync window needed for projections.

Every database query is filtered by user ID. Zensus staff cannot access your data without an explicit authorization path that is audited. Cross-account access is not possible by design, not just by policy.

Our backend repository runs Semgrep static analysis on every commit. Gitleaks scans for accidentally committed credentials and blocks PRs that introduce them. Dependencies are kept current through automated vulnerability alerts.

Your data never trains any AI model. When you run a scenario, your data is sent per request to Claude, analyzed, and the conversation returns to you. No fine-tuning, no memory, no training, no data crossing into other customer accounts.

Zensus is not yet SOC 2 certified. We are working toward it. In the meantime, our data protection and access control practices are documented and reviewable on request. If your procurement process needs specific evidence, talk to us and we will share what we have.

Security questions, disclosures, or procurement inquiries go to support@zensus.app.