Fintool implements rigorous security measures to protect your sensitive data, ensuring compliance with the highest standards of data protection and privacy.
Default hosting location with highest performance.
Optional hosting in EU, APAC, or other supported regions.
Self-service region selection via Enterprise contract
Most vendors restricted to US-only processing
Automatic compliance with local regulations
All data is deleted immediately after processing and is never stored on OpenAI servers.
OpenAI implements strict security measures to protect your sensitive data and does not share data with third parties.
Enterprise-grade encryption
AES-256 at rest, TLS 1.2+ in transit
No data selling or sharing
OpenAI does not sell user data or share it with third parties for marketing purposes
Strict access controls
OpenAI uses strict access controls to limit who can access data
No training on user queries
No Fintool user questions are used for OpenAI's training, fine-tuning, or model improvements
Control exactly what data Fintool crawls and indexes within your systems.
Prevent Fintool from surfacing results for certain sensitive search terms.
Permission-aware results
Fintool only shows you information you already have permission to access in the source application
Real-time permission updates
If any permissions change in your systems, Fintool's results reflect those changes immediately
Role-based access control
Comprehensive RBAC system integrates with your existing identity providers
Audit logging
Detailed logs of all access attempts and permission changes
Fintool only shows information you already have permission to access.
If any permissions change, results reflect those changes immediately.
Native integration with identity providers
Seamlessly works with Okta, Azure AD, Google Workspace, and other IDPs
Access inheritance from source systems
Automatically inherits permissions from SharePoint, Google Drive, and other data sources
Group-based access controls
Manage access via existing security groups rather than individual users
Permission visibility and reporting
Comprehensive dashboards to audit who has access to what information
Detailed tracking of all user activities with precise timestamps.
Export audit logs to your SIEM for monitoring and real-time alerting.
Query Tracking
Log of all user questions and interactions with the AI assistant
Document Access
Record of all document uploads and equity research report views
Administrative Actions
Complete logs of all configuration changes and user management activities
Export Capabilities
Configurable audit log exports in multiple formats for compliance reporting
| Timestamp | User | Activity | Resource |
|---|---|---|---|
| 2023-06-14 09:23:45 | john.smith@berkshire.com | Query | "Q1 financial performance" |
| 2023-06-14 10:15:32 | sarah.jones@berkshire.com | Document Upload | Q2_Forecast.pdf |
| 2023-06-14 11:42:18 | david.miller@berkshire.com | Report View | Tesla Equity Research |
| 2023-06-14 14:05:59 | admin@berkshire.com | User Added | new.user@berkshire.com |
All data is encrypted at rest using AES-256 encryption standards.
All data is encrypted in transit using TLS 1.2+ protocols.
Key Management System
Secure key management with automatic rotation and revocation capabilities
Data Exfiltration Prevention
Controls in place to limit data exfiltration risks
Hardware Security Modules
FIPS 140-2 certified HSMs for cryptographic operations
Secure VPC Architecture
Network isolation with strict access controls
Protects from losses due to dishonest acts, fraud, theft, or forgery by employees or third parties.
If you have any questions about our security practices or need additional information, our team is ready to help.