
Security
Last updated: May 2026
Infrastructure
HelpMyBooks is built on Supabase (PostgreSQL) with row-level security enforced at the database layer, so bookkeepers and clients can only ever query rows that belong to their own organisation or client record.
Data in transit and at rest
All traffic between your browser and HelpMyBooks is encrypted via HTTPS/TLS. Data at rest, including uploaded receipts, is encrypted by our infrastructure providers.
Access control
Bookkeepers can only see clients and transactions belonging to their own organisation. Clients can only see their own transactions and questions, accessed via secure, single-use client links — no shared logins, no cross-client visibility.
Receipts and file storage
Receipt uploads are stored in Supabase Storage behind private access controls. Files are never publicly listable and are only retrievable via signed, expiring links.
AI processing
Transaction details sent to AI providers for classification are limited to what's needed for an accurate suggestion. AI output is advisory only and is always reviewed by a qualified bookkeeper before being finalised.
Reporting a concern
If you believe you've found a security issue, contact us at security@helpmybooks.com and we'll respond promptly.