Much of the information our users give us is necessary for finappster to function. All data we collect is given a classification. This tells us how sensitive the information is, and informs what type of protections we need to put around it. Once we have a classification, we take measures to keep it safe.
For information that isn't necessary for finappster to function (i.e. info we are holding because we are required by law and only used in instance of audit or similar) we apply encryption to help make sure that in the absolute worst-case scenario where all our other security protection is comprised that this most sensitive customer data remains inaccessible.
For the remainder of the information, we rely on a set of security protections that break into two parts.
These protections as a whole from our information security policy.