Worthic is a document-first accounting and finance workspace. This Security Overview summarises how Worthic protects customer accounts, workspace data, uploaded documents, document-processing workflows, and operational systems.
No online service can guarantee absolute security. Worthic uses technical and organisational controls designed to reduce risk, protect customer data, and support responsible operation of the Service.
1. Security principles
Worthic's security model is built around:
- protecting sensitive financial and administrative records;
- separating production, staging, and development environments;
- limiting human access to customer data;
- maintaining auditability for sensitive administrative actions;
- using managed infrastructure providers with established security controls;
- giving workspace owners control over users, roles, and workspace membership;
- keeping customer documents and workspace content out of general AI model training unless a customer explicitly opts in.
2. Hosting and infrastructure
Worthic uses managed infrastructure providers for application hosting, database hosting, object storage, email delivery, document processing, queues, and AI-assisted workflows.
The production application and production database run on Render-hosted infrastructure. Customer documents are stored in production Cloudflare R2 object storage. Document-processing workflows run through production Cloudflare Workers and production queues. Transactional email is handled through Postmark.
Production infrastructure uses production-specific secrets, storage, queues, and callback endpoints. Staging and development environments are separate from production and are used for testing and development work.
Material providers are listed in the Worthic Subprocessors List.
3. Data storage
Worthic stores structured workspace data in managed database infrastructure and stores uploaded documents in managed object storage.
Documents may include financial and administrative records such as bank statements, invoices, receipts, payslips, tax records, contracts, real estate records, investment documents, and identity or compliance documents.
Document-processing state, extraction results, review state, audit state, and derived workspace data are stored so users can review, correct, report on, and manage their records.
4. Encryption and transport security
Worthic uses HTTPS/TLS for browser and API traffic. Traffic between Worthic systems and service providers uses secure provider endpoints where supported by those providers.
Worthic relies on managed infrastructure providers for encryption at rest in database, object storage, queue, and hosting infrastructure where provider-level encryption is available. Sensitive credentials and service secrets are stored as environment-level secrets rather than in source code.
5. Account and workspace access controls
Worthic uses account authentication, session management, workspace membership, and role or permission controls to limit access to workspace data.
Workspace owners and administrators control who is invited into a workspace, which roles users have, and when access is removed. Users are responsible for protecting their credentials, devices, email accounts, and workspace invitations.
Worthic separates ordinary user workspace access from internal administrative access.
6. Human access to customer data
Worthic limits human access to customer data. Customer documents are not routinely inspected by Worthic personnel as a support practice.
Administrative access is role-limited and based on operational need. Worthic personnel may access customer information only for authorised operational purposes, such as providing support, investigating security or reliability issues, resolving billing or account access issues, complying with legal obligations, enforcing the Terms of Service, responding to incidents, preventing abuse, or acting at a customer's request.
Worthic personnel with administrative access are subject to confidentiality obligations. Administrative access may be logged, reviewed, and retained as part of Worthic's security and compliance controls.
Admin access logs are internal by default. Customers may request information about administrative access to their workspace. Worthic may provide appropriate summaries where legally and operationally reasonable, subject to limits needed to protect security, privacy of others, confidential investigations, and abuse-prevention controls.
7. Document processing and AI
Worthic uses deterministic and AI-assisted workflows to process customer documents and workspace records.
Document-processing workflows are designed to support extraction, classification, routing, review, categorisation, and reporting. AI outputs are assistance only and must be reviewed by users before reliance.
Customer documents, customer financial data, and workspace content are not used to train third-party foundation models or general AI models without explicit opt-in consent.
8. Logging and monitoring
Worthic maintains operational logs for security, reliability, troubleshooting, compliance, and auditability. These may include:
- authentication and session logs;
- workspace access and permission events;
- administrative access logs;
- security events;
- errors and diagnostics;
- document-processing state;
- background job and queue events;
- infrastructure operations.
Logs are retained for operational, security, legal, and compliance purposes and are protected from ordinary workspace users.
9. Backups, deletion, and retention
Worthic maintains operational backups, logs, and infrastructure records to support continuity, recovery, security, legal obligations, and incident investigation.
If a workspace is deleted, Worthic retains workspace data and documents for 14 days to allow export and recovery. After that period, production data is scheduled for deletion or de-identification, subject to limited retention in backups, logs, audit records, billing records, security records, legal holds, and compliance records.
Backups and logs may persist for a limited period after production deletion and are then deleted or overwritten according to operational schedules.
10. Incident response
Worthic handles suspected security incidents through an incident response process that includes detection, triage, containment, impact assessment, remediation, and post-incident review.
Incidents involving personal information or customer content are assessed for legal, contractual, customer-notification, and regulator-notification obligations.
11. Vulnerability management
Worthic uses code review, dependency maintenance, environment separation, provider-level monitoring, and operational hardening to reduce security risk.
Security-relevant issues are prioritised based on severity, exploitability, customer impact, and exposure of customer data or production systems.
12. Customer responsibilities
Customers are responsible for:
- using strong credentials;
- protecting devices and email accounts;
- configuring workspace permissions carefully;
- removing users who no longer require access;
- reviewing imported, extracted, and AI-assisted outputs before reliance;
- exporting data before deletion where needed;
- complying with laws that apply to their records, users, and workspaces.
13. Updates
Worthic updates this Security Overview as its infrastructure, controls, subprocessors, or security practices change.