Your clients trusted you with their statements. We keep it that way.
Bank statements are among the most sensitive documents a small business has. Our position is simple: we should hold as little of them as possible, for as short a time as possible, and use them for exactly one thing — producing your export. Here is what we promise, in plain language.
1. Originals are deleted on a schedule you control
By default, every uploaded file — statement PDFs, receipt photos, and the intermediate OCR output — is permanently deleted 90 days after processing. A daily job enforces this; deletion is not "archived somewhere," it's gone from storage.
You can change the retention window in settings, from 0 days (the original is deleted immediately after processing completes) up to 365 days if your engagement letters require longer access. The extracted transaction data — dates, descriptions, amounts, categories — remains in your account so your books and exports keep working, until you delete it.
2. Your documents are never used to train AI models
Not by us, and not by anyone else. We do not train models on customer documents, and we do not permit the AI providers that power our extraction pipeline to retain or train on the content we send them. Our internal logs record token counts and timing for cost monitoring — never the content of your documents.
3. We store the minimum the job requires
- Account numbers: last four digits only. Our extraction is instructed to output only the last four digits, and a code-level safeguard truncates anything longer before it can reach the database. Full account numbers are never stored.
- Files live in private storage. Nothing is publicly addressable. Every download — including your own — goes through a signed link that expires after 15 minutes.
- Strict tenant isolation. Every query in the system is scoped to your firm. Access controls are covered by automated tests that verify one firm can never read another firm's data.
4. Delete everything, any time
You can delete any document, any client, or your entire account whenever you choose. Deleting your account is a hard delete: all extracted data, all category memory, all remaining files in storage — removed, not flagged-hidden. If you'd rather we do it, email support@reconlens.com from your account address and we'll confirm completion.
5. Where your data lives
ReconLens runs on infrastructure hosted in the EU and US. Data is encrypted in transit (TLS) and at rest. We use a small number of vetted subprocessors — cloud hosting, object storage, AI extraction providers, email, and payments — each bound by data processing terms consistent with this promise.
In one sentence: we process your documents, hand you verified data, and then get rid of the originals on your schedule — 90 days by default, immediately if you prefer.
This page is our product promise, written for the bookkeepers who use ReconLens. Questions about anything here — or requests we haven't anticipated — go to support@reconlens.com; a human reads every message.
Automation shouldn't cost you your clients' trust
Balance-verified extraction, deletion on your schedule, and no training on your data — on every plan, including Free.
Start free