Our Privacy Pledge

We employ AES-256 encryption for all data at rest and in transit. This is the same encryption standard used by banks, government agencies, and military organizations worldwide.

Our infrastructure is SOC 2 Type II compliant, meaning we undergo rigorous third-party audits to verify our security controls meet the highest industry standards.

When you upload financial documents to Incalm, we use our proprietary tokenization system to extract and analyze the relevant data. This means your original documents are processed securely and the raw files are never shared with any third parties.

Tokenization replaces sensitive information with non-sensitive equivalents, called tokens, that maintain the analytical value of the data without exposing the actual content. This ensures that even in the unlikely event of a breach, your original document content remains protected.

Your uploaded documents are used exclusively to:

• Analyze your financial health – We extract key metrics like revenue, expenses, cash flow, and debt ratios to assess your business loan readiness.
• Generate personalized insights – Our AI creates tailored recommendations to improve your creditworthiness.
• Track your progress – We monitor changes over time to show your improvement journey.

We never: sell your data, share your documents with third parties without explicit consent, or use your information for advertising purposes.

You maintain complete control over your data at all times. You can:

• Export your data at any time in standard formats
• Request deletion of all your documents and analysis history
• Manage permissions for any shared reports or insights

When you request deletion, all your data is permanently removed from our systems within 30 days, in compliance with POPIA (Protection of Personal Information Act) and GDPR regulations.

Our platform is built on industry-leading infrastructure: