Security

Last updated: May 2026

Infrastructure

HelpMyBooks is built on Supabase (PostgreSQL) with row-level security enforced at the database layer, so bookkeepers and clients can only ever query rows that belong to their own organisation or client record.

Data in transit and at rest

All traffic between your browser and HelpMyBooks is encrypted via HTTPS/TLS. Data at rest, including uploaded receipts, is encrypted by our infrastructure providers.

Access control

Bookkeepers can only see clients and transactions belonging to their own organisation. Clients can only see their own transactions and questions, accessed via secure, single-use client links — no shared logins, no cross-client visibility.

Receipts and file storage

Receipt uploads are stored in Supabase Storage behind private access controls. Files are never publicly listable and are only retrievable via signed, expiring links.

AI processing

Transaction details sent to AI providers for classification are limited to what's needed for an accurate suggestion. AI output is advisory only and is always reviewed by a qualified bookkeeper before being finalised.

Reporting a concern

If you believe you've found a security issue, contact us at security@helpmybooks.com and we'll respond promptly.