Security

How We Keep Your Data Safe

COUNT consistently safeguards your critical financial data by adhering to these core principles.

Our Core Principles

Protection

We employ multiple layers of security measures and policies to protect your information during collection, use, and disclosure on our servers.

Reliability

Our robust infrastructure ensures your financial data is always available and accessible, providing seamless, uninterrupted service whenever you need it.

Privacy

Your data is yours to control. We're dedicated to ensuring you decide who can access specific information and when. We never share or sell your data to third parties.

Data Security

Read-Only Integrations

Our data integrations, including live connections with banks and credit cards, are designed with a strict "read-only" protocol. This ensures that we do not, will not, and cannot alter any of your banking or financial data. Additionally, our read-only integrations are regularly audited to uphold the highest standards of data integrity and security.

Data Encryption

At COUNT, we prioritize the security of your financial data through robust encryption practices. In addition to utilizing 256-bit Secure Sockets Layer (SSL) encryption for data in transit, we ensure that all data at rest is encrypted using the Advanced Encryption Standard (AES) with a key size of 256 bits. This level of encryption is widely recognized for its effectiveness in protecting sensitive information. Our encryption protocols are designed to safeguard your data against unauthorized access, ensuring that it remains confidential and secure both during transmission and while stored on our servers.

Firewalls

The COUNT platform and your accounting data rest securely behind Microsoft Azure Web Application Firewalls. This protects against common web-hacking techniques such as SQL injection and security vulnerabilities like cross-site scripting.

Secure Data Storage

Your accounting data is stored on servers that have strict physical access and technical controls. They are located in state-of-the-art data centers, which provide biometric access controls, constant surveillance, redundant power feeds and generators, robust fire suppression, and carefully monitored climate control to protect the servers that store your data and manage your billing.

PCI Compliance and Card Holder Data

Cardholder data should only be input by the user in areas that explicitly require it. COUNT handles cardholder data in accordance with PCI Data Security Standard requirements. Where cardholder data storage is required (i.e. automatic payments on recurring invoices), COUNT leverages PCI DSS Level 1 Compliant partners who undergo an annual audit of their infrastructure.

Keep Sensitive Data Out of LLMs

We automatically identify and redact sensitive information and intellectual property during Large Language Model (LLM) data collection, training, fine-tuning, and inference. Additionally, no direct user financial data is shared with any public LLM.

Security Audits and Monitoring

Regular security audits are an integral part of our commitment to safeguarding your financial data at COUNT. We conduct comprehensive security audits and penetration testing at regular intervals to identify and address potential vulnerabilities proactively. These audits involve rigorous examination of our systems, infrastructure, and processes to ensure compliance with the latest security standards and best practices. By continuously monitoring and updating our security measures, we ensure that your data remains protected against emerging threats and maintain the highest level of trust and reliability in our services.

Reliability

Redundant Servers and Data Centers

The COUNT infrastructure uses redundant storage and servers to keep the application and your data available in the case of hardware failure, and maintains another set of servers and storage in a geographically separate data center in case our primary data center is made unavailable by a disaster or other disruption.

Managed Hosting

The COUNT platform utilizes Microsoft Azure for hosting requirements. With a vast array of clients with varying needs, Azure provides an environment that allows for the fast delivery of features, continued product innovation, reliable security, stability, and a reduced chance of downtime.

Backups

The data in your COUNT profile is replicated across multiple database servers in two geographic locations to prevent a single failure from causing data loss. Additionally, that data is backed up nightly to tape and stored in a secure offsite location to ensure that, even in the event of a catastrophe like a tornado or a flood, your information will be safe and your records can be quickly restored.

Privacy

Access

We safeguard the information you share with us with some of the industry’s best practices. The innovative technology we use helps stop fraudsters in their tracks and ensures only you can access your data on COUNT.

Employee Training and Awareness

We place a high priority on regular training for all employees on security best practices, recognizing and mitigating social engineering attacks, and adhering to stringent data protection policies. Our comprehensive training programs ensure that our team is well-versed in the latest security protocols, understands the importance of safeguarding sensitive information, and is equipped to identify and respond to potential threats. By fostering a culture of security awareness, we empower our employees to play an active role in maintaining the integrity and confidentiality of your data. Continuous education and periodic assessments help us stay ahead of emerging threats and reinforce our commitment to data security.

Staff Access to Data

At COUNT, no staff member has direct access to customer financial data. All data is encrypted on our servers and requires a unique authorization token for decryption. This token is automatically generated in the background when an authorized and authenticated user logs in, ensuring that only users invited by the account owner can access financial information. Our stringent access controls and regular audits reinforce the security and privacy of your data.

Privacy Policy

COUNT has a strict privacy policy that all users, employees, and partners must adhere to.