How Finsensa approaches workspace isolation, export controls, access management, and operational security for adviser-led SME lending workflows.
Finsensa is designed to isolate data by workspace and case so advisers, brokers and accountants work within their own organisation context. Application access controls are intended to prevent cross-workspace access and to keep case activity scoped to the authorised user and their firm.
Data sent between your browser and Finsensa is intended to use HTTPS with modern TLS protections. Stored case data, uploads and generated outputs are protected using the security controls made available by our infrastructure providers, including encryption-at-rest where configured and available.
Access to Finsensa is controlled through authenticated sessions and application-level permission checks. Internal access to production systems is restricted on a least-privilege basis and operational access is expected to be logged and reviewed where appropriate.
Finsensa is built around document-led case preparation. Generated outputs such as PDF packs, Excel workbooks and evidence bundles are tied back to case activity, and export-related events are recorded to support traceability, review and operational audit needs.
Open Banking is not currently live in the product. Today, Finsensa works from uploaded bank statements and other supporting case documents. If Open Banking support is introduced later, its operational and regulatory model will be documented before being enabled for live use.
Retention and deletion are handled in line with Finsensa's operational retention policy, contractual terms, and infrastructure backup processes. For current retention expectations, refer to the Privacy Policy, which sets out the present categories and typical retention periods.
If a security incident affects personal data, Finsensa will investigate, contain the issue, assess the legal and operational impact, and make any required notifications in line with applicable law, contractual obligations, and regulatory requirements.
If you discover a security vulnerability in Finsensa, please report it responsibly to security@finsensa.com. We aim to acknowledge credible reports promptly and handle good-faith disclosures through a responsible review process.
For security questions or concerns: security@finsensa.com