Security

Your financial data, protected to enterprise standards

From encryption to data isolation, session security to audit trails — i-Expense treats security as part of the design.

End-to-end encryption

All data is encrypted with TLS in transit and AES-256 at rest. Receipt images are kept in a separate, access-restricted store.

GDPR/KVKK compliance

Personal data is processed in line with regulations; consent, disclosure and cookie-approval flows are built into the product.

Per-company data isolation

Each company's data lives in its own isolated database. By design, one company's session can never reach another company's data.

Session security

Short-lived access tokens and single-use refresh tokens (rotation) are used; on suspicious reuse the whole session family is terminated automatically.

Role-based access

With employee, manager and process roles (HR, finance), everyone sees only the data they are authorized for and acts only on their own step.

Audit trail

Create, approve, reject, revise — every action is recorded immutably with who and when; process history is always viewable.

Technical details of the security architecture and integration-security guidance are shared with enterprise customers during the evaluation process.

Have questions?

Request a demo to discuss your security and compliance requirements.