Last updated: July 8, 2022
We understand that by using Peach, you are trusting us with your most-important data. That’s why we treat your personal and financial data like we’d want ours to be treated. Below, you‘ll find the principles that guide our approach to privacy and security.
We will keep your information as long as you are a user (either trialing, paid, or free) of the service. Once your trial ends, we auto-schedule for your account and all its data to be deleted from our servers after 30 days. Any synced bank or email accounts will be disconnected after 5 days. If you request a cancellation of your account either by email via [email protected], or through the product, all data associated with your account will be deleted within 72 hours.
We employ a number of security measures to help keep your data safe, including 256-bit encryption to protect it at rest and Transport Layer Security (TLS) to protect it in transit. Your data is encrypted while it is being stored and while interacting with our servers. None of your personal bank or email credentials are seen by us or stored. All your data is AES-256 encrypted. Your data is protected with bank-level security. We use Multi-Factor Authentication (MFA) on all internal systems and incorporate MFA support and mobile device management into our company devices. Our server is hosted on Heroku. They apply security controls at every layer from physical to application, isolate customer applications and data, and deploy security updates without customer interaction or service interruption. Heroku adheres to industry standard security, privacy and compliance controls, including:
We strive to be fully transparent when it comes to our security practices. If you have any questions please reach out to us at [email protected].