Privacy & Security Policy

At StatementToExcel.org, we understand that your financial data is highly sensitive. Security is not just a feature; it is the foundation of our service.

1. Data Security Infrastructure

All data is processed within highly secure hyper scaler environments. We employ the following security measures:

  • Encryption in Transit: All communications between your browser and our servers are encrypted using industry-standard TLS (Transport Layer Security).
  • Encryption at Rest: All files uploaded to our system are stored in encrypted S3 buckets using AES-256 server-side encryption.
  • Isolated Processing: Your statements are processed in ephemeral environments that are destroyed immediately after use.

2. Bank Statement Handling & Destruction

We follow a strict "Privacy by Design" approach to your bank statements:

  • Upload Storage: When you upload a statement, it is stored in a private, non-publicly accessible "Upload" bucket.
  • Automatic Deletion: Original PDF statements are automatically deleted from our "Upload" bucket within 24 hours of successful processing, or immediately upon your request.
  • Output Destruction: Generated Excel files are stored in a secure "Output" bucket for your download. These files are automatically purged after 7 days.
  • No Manual Review: Our process is fully automated. No human employee at StatementToExcel.org ever views your bank statements unless explicitly requested by you for technical support.

3. Artificial Intelligence & Privacy

We use Amazon Bedrock (Nova Lite) to perform the high-accuracy extraction of your financial data.

  • No AI Training: Your data is NOT used to train or improve the underlying AI models. This is a fundamental guarantee provided by our use of enterprise-grade AI infrastructure.
  • Data Minimization: Only the text content required for conversion is passed to the AI model; no personally identifiable information (PII) beyond what is on the statement itself is stored or tracked.

4. Data Protection & Compliance

We use Data Protection mechanisms to manage cryptographic keys and protect sensitive application secrets. We do not sell, rent, or share your financial data with any third parties for marketing purposes.

5. Your Rights

You have the right to request the immediate deletion of all your data from our systems at any time. Since we do not retain statements beyond a short processing window, most of your data is purged automatically as part of our standard operations.

Questions about our security? Contact our security team at security@statementtoexcel.org

Last Updated: January 23, 2026