DimeSuite Trust Center

Bank-grade security, uncompromising privacy, and enterprise compliance. Your accounting and financial data is protected at every layer.

Security Privacy Policy Data Processing Terms of Service Data Security Laws

Security Architecture

  • Standard Encryption: All proprietary data is fully encrypted at rest using industry-standard AES-256 encryption, while data in transit is secured via TLS 1.3 protocols to prevent interception.
  • Strict Access Controls: Platform access is tightly regulated through comprehensive Role-Based Access Control (RBAC), ensuring users only see what they need, alongside optional Multi-Factor Authentication (MFA) for an added layer of login security.
  • Intelligent Threat Detection: Our proprietary AI actively monitors login patterns and behavioral metrics in real-time. It is designed to instantly detect and block unusual or anomalous activity, keeping your account safe from unauthorized access attempts.

Privacy Policy

  • Global Privacy Compliance: We are actively building our architecture to maintain strict, simultaneous compliance with major global frameworks including SOC 2 Type II, the DPDPA (India), the CCPA (California), and the GDPR (European Union).
  • Data Ownership and Rights: Proprietary data is securely redacted before storage. You maintain absolute sovereignty over your data, retaining the full right to access a machine-readable copy, correct inaccuracies, or request complete erasure (the "Right to be Forgotten") at any time.
  • AI & Algorithm Transparency: We adhere to strict transparency standards (aligned with the EU AI Act) so users are explicitly notified whenever they are interacting with an AI system. All data governance and privacy operations are overseen directly by our leadership to ensure maximum accountability.
  • Redacted Visibility & Stateless LLMs: DimeSuite Master Admins have restricted visibility and cannot access underlying financial records or personal data. Furthermore, the external Large Language Models (LLMs) we utilize are completely stateless - they never store your data, nor do they use your queries to train public models.
  • Isolated Machine Learning Environment: Our proprietary ML models are trained exclusively on your specific dataset within a completely isolated environment. When you choose to leave the platform, your data and its associated learned patterns are permanently removed.
  • Website Data Collection: When you browse our public website, we collect non-identifiable technical data (such as browser type, timestamps, and referring pages) and identifiable data submitted voluntarily via "Book a Demo," "Careers," or "Contact" forms (e.g., name, business email, and company name).
  • Cookie & Consent Governance: We utilize cookies to analyze website traffic, manage user sessions, and optimize our marketing efforts. Non-essential cookies and third-party tracking scripts (e.g., analytics or advertising pixels) are deployed strictly based on user consent provided via our website cookie banner. If declined, only essential security and session cookies remain active.
  • Website Security Infrastructure: All interactions on our public website are secured via industry-standard HTTPS/TLS encryption. Form submissions are encrypted in transit and routed directly into our secure internal CRM systems.
  • Strict Data Separation (No Cross-Contamination): Data collected for website analytics, marketing, or sales outreach is strictly siloed. Public website data is never co-mingled with client financial data, nor is it ever used to train the proprietary machine learning models or Large Language Models (LLMs) utilized within the secure DimeSuite application environment.
  • The information above is a summarized overview of our Privacy Policy. The complete Privacy Policy, which governs the use of DimeSuite, is available within the application.

Data Processing Agreement (DPA)

  • Sub-Processor Accountability: Our standardized Data Processing Agreement utilizes Standard Contractual Clauses (SCCs) to guarantee that any cross-border transfers and sub-processors uphold the exact same stringent data protection levels required by global authorities.
  • Enterprise Cloud Infrastructure: The core DimeSuite application is securely hosted on AWS, while our advanced machine learning infrastructure is housed separately within Google Cloud, ensuring optimized performance and security.
  • Uncompromising Data Integrity: We maintain enterprise-level Service Level Agreements (SLAs) with our cloud infrastructure partners to guarantee absolute data integrity. Furthermore, all information is maintained and fully encrypted within highly secure PostgreSQL databases.

Terms of Service

  • Platform Usage & API Limits: Our terms explicitly define fair-use policies and clear API rate limits. This ensures that integrations remain stable and that all users experience high-speed, uninterrupted access without throttling.
  • SLA Guarantees: We understand that financial closes are time-sensitive. We provide enterprise-grade uptime commitments and strict performance benchmarks to keep your month-end workflow running flawlessly.
  • Enterprise Responsibilities: The terms outline clear, actionable guidelines for your account administrators, covering acceptable use policies and the tools available for secure, collaborative data management within the ecosystem.

Data Security Laws & Compliance

  • DimeSuite is currently in the process of becoming fully compliant with modern regulatory frameworks to ensure your global financial operations remain protected and legally sound.
  • SOC 2 Type II: We are preparing for independent, third-party audits focusing specifically on the core Trust Services Criteria of Security, Availability, and Confidentiality.
  • DPDPA Readiness: Actively implementing frameworks to comply with India's Digital Personal Data Protection Act, ensuring the strict, lawful processing and safeguarding of all personal digital data within the region.
  • GDPR Compliance: Currently working on ensuring strict compliance with European data residency requirements, lawful processing mandates, and immediate data deletion protocols.
  • CCPA Alignment: We are also underway to maintain strict alignment to California's enterprise and consumer privacy regulations, ensuring you retain the right to opt-out of specific data sharing practices.