Security Practices

At Quaestor, we take the management of data seriously. Both security and privacy are key focus areas for our organization and product development.

INTERNAL SECURITY

QUAESTOR DOES NOT STORE BANKING CREDENTIALS
Our system integrates with Plaid, a SOC 2 Type 2 compliant financial API used and trusted by AMEX, Venmo, Fannie Mae and many others. When linking to a financial institution, the connection is established through Plaid and is read-only access.

DATA IS STORED SECURELY
Your data is protected at rest by 256-bit encryption and protected by TLS/HTTPS in transit. If we suspect any suspicious activity on your account, we’ll alert you as soon as possible.

ACCESS TO QUAESTOR IS SECURE
All access to Quaestor is over a secure (256-bit SSL encrypted) connection.

EMPLOYEE SECURITY
All employees are required to sign a confidentiality agreement.

 

PRODUCT SECURITY

SIGN-IN AND ACCOUNT ACCESS
Quaestor uses Google sign-in for users to access their account. Two-step authentication can be configured through Google for added security.

CONTROL VISIBILITY AND USER ACCESS LEVELS
CEOs and founders control who has visibility to their company on Quaestor, and all new company members require access approval. The following table lists user types and the level of information that is accessible:

Quaestor Access Table*Quaestor surfaces a limited number of transactions via alerts based on parametersagreed upon by CEOs and their board.

 

Security Questions?

If you have specific questions or concerns about the security practices at Quaestor,please reach out to us at info@quaestorapp.com