Privacy & Security

Last updated: January 2025

At Capitowl, protecting your financial data is not just a compliance requirement — it is a core product principle. This page describes the technical and organizational measures we use to keep your information safe.

Our Security Philosophy

We believe your financial life is deeply personal. Capitowl is designed from the ground up with a privacy-first, no-compromise approach to data security:

  • We never sell your data. Your financial information is used solely to provide you with the Services.
  • We never serve ads. There is no advertising business model at Capitowl — ever.
  • We never store your bank credentials. Account linking is handled through encrypted third-party connections so your passwords never touch our servers.

Data Encryption

In Transit

All data transmitted between your device and our servers is encrypted using TLS 1.3, the latest and most secure version of the Transport Layer Security protocol. This prevents interception of data in transit.

At Rest

Sensitive data stored on our servers is encrypted at rest using AES-256, the gold standard in symmetric encryption used by banks, governments, and security-conscious enterprises worldwide.

End-to-End Financial Data

Financial account tokens (not your credentials — your actual bank passwords are never stored) are encrypted with additional application-level encryption before being written to our database.

Account Security

Authentication

  • Secure password storage — passwords are hashed using bcrypt with a high work factor; we never store plain-text passwords
  • Two-factor authentication (2FA) — available via authenticator app (TOTP) or SMS
  • Biometric authentication — Face ID and Touch ID are supported on compatible devices

Session Management

  • Sessions expire after a configurable period of inactivity
  • All active sessions are visible and revocable from your account settings
  • Suspicious login attempts trigger automatic email alerts

Financial Account Linking

Capitowl uses Plaid and similar bank-grade financial data aggregators to connect to your financial institutions. This means:

  • Your bank username and password are entered directly with the aggregator — they never pass through Capitowl's servers
  • We receive read-only access tokens that can be revoked at any time
  • You can disconnect any linked account instantly from the app

You can also review and revoke Plaid's access to your data directly at my.plaid.com.

Infrastructure Security

Cloud Infrastructure

Capitowl's infrastructure is hosted on enterprise-grade cloud providers with:

  • SOC 2 Type II certification
  • Physical security controls (biometric access, 24/7 monitoring)
  • Geographic redundancy and automated failover

Network Security

  • All internal services communicate over encrypted private networks
  • Web Application Firewall (WAF) to block malicious traffic
  • DDoS protection and rate limiting on all API endpoints
  • Regular network penetration testing by independent security firms

Access Controls

  • Employee access to production data follows the principle of least privilege
  • All access to customer data is logged and audited
  • Multi-factor authentication is required for all internal systems

Vulnerability Management

We take a proactive approach to finding and fixing security issues:

  • Regular security audits — internal reviews and third-party penetration tests conducted at least annually
  • Dependency monitoring — automated scanning for known vulnerabilities in third-party libraries
  • Responsible disclosure — we welcome security researchers to report issues at security@capitowl.io

If you discover a security vulnerability, please contact us before public disclosure. We commit to acknowledging your report within 48 hours.

Data Minimization

We collect only the data necessary to provide the Services:

  • We do not track your precise GPS location
  • We do not access your contacts, camera, or microphone except where explicitly required by a feature you opt into
  • Transaction data is used only for financial analysis within your account — it is not shared with advertisers or data brokers

Incident Response

In the event of a data breach or security incident affecting your personal information, we will:

  1. Contain and investigate the incident immediately
  2. Notify affected users within 72 hours of confirmation
  3. Notify relevant regulatory authorities as required by law
  4. Provide clear guidance on any steps you should take
  5. Conduct a post-incident review and implement improvements

Your Controls

You are in control of your data:

  • Revoke account connections at any time from the app settings
  • Download your data — request a full export from Account Settings
  • Delete your account — permanently removes all your data from our systems within 30 days
  • Adjust sharing preferences — control what data is used for analytics and product improvement

Contact Our Security Team

Have a security concern or question? We're here to help.

Security issues: security@capitowl.io Privacy questions: privacy@capitowl.io General inquiries: hello@capitowl.io