How we protect your data
The practical side of our privacy policy - how your information is kept safe.
What this page covers
Our Privacy Notice explains what data we collect and how we use it. This page covers the other half of the question: how we keep that data safe once we have it.
None of what follows is unusual. These are the kinds of safeguards any service handling financial information should have, described in plain terms rather than technical ones. If you have a specific question this page doesn't answer, write to us - the address is at the bottom.
Information in transit and at rest
Data in transit between your device and Finance ADRI — when you use the app, submit a request, or email us — is protected with TLS 1.3 (or TLS 1.2 or higher). That encrypts information while it moves, so that even if it were intercepted, it could not be read in plain form.
Data at rest on our systems uses AES-256 encryption where applicable, together with role-based access controls and other safeguards described in our Privacy Notice.
Where your data is stored
Your information is stored on infrastructure located in the United States, operated by established cloud providers - the same providers relied on by many other U.S. financial and technology companies. We don't store your data outside the United States.
We use these providers specifically because maintaining secure infrastructure at scale is something they do better than a small company building it from scratch. Their physical and network security protections sit underneath our own.
Who can access it
Inside Finance ADRI, access to your data is limited to the people who genuinely need it to do their work - and that's a small group. We don't give blanket access to everyone in the company. Access is restricted by role, recorded, and reviewed periodically to make sure it still makes sense.
When your request is matched, your information goes only to the lenders being matched with you - not to every lender in the network, and not to anyone outside the matching process. We cover what we do and don't share in detail in our Privacy Notice.
Account and login security
The Adri Cash app can be locked behind your device's own security - Face ID, Touch ID, or your passcode. That authentication happens on your device; we never see or store your biometric data. It stays on your phone, where it belongs.
For certain sensitive actions, we may send a one-time code to the phone number on your account to confirm it's really you. This adds a second step that's hard for someone else to get past, even if they somehow had your other details.
If something goes wrong
No system is perfect, and any company claiming otherwise isn't being straight with you. If we ever discover a security incident that may have affected your data, we'll notify the people involved as quickly as we reasonably can, and we'll follow the data breach notification laws that apply to the situation.
If you think you've found a security weakness - a vulnerability, a flaw, a way to reach data you shouldn't be able to - please tell us. Write to [email protected] with Security in the subject line. We read these reports, we take them seriously, and we'll respond. We'd much rather hear about a problem from you than discover it the hard way.
A few things we don't do
Some protections are about what we deliberately avoid: