How we handle your data and run the platform.
This page is maintained by ReconSight to answer common security and privacy questions about the ReconSight IFRS 9 platform. It describes controls that are currently enabled in the application and is not an independent certification or audit attestation.
Last reviewed: July 2026.
Authentication and tenant isolation
ReconSight uses managed authentication with email/password and Google sign-in. Sessions are JWT-based and validated server-side on every protected request. Application data is partitioned by tenant and protected with row-level security policies that scope reads and writes to the tenant the user is a current member of. Role-based access (admin, analyst, viewer) is enforced server-side, not by the browser.
Hosting and platform context
The application runs on the Lovable platform (frontend and server functions) with a managed PostgreSQL backend. Traffic is served over HTTPS with HSTS and standard security response headers (X-Content-Type-Options, Referrer-Policy, Permissions-Policy). This is a factual description of enabled platform capabilities and is not an independent certification.
What data ReconSight processes
ReconSight processes loan portfolio data that customers upload or stream through configured connectors (account, balance, collateral and payment records under the RDM canonical model), plus the minimum account information required to operate user logins. Personal data of borrowers is not required for the IFRS 9 engine to function; customers control what fields they submit.
Subprocessors and integrations
ReconSight relies on a small number of subprocessors to deliver the service, including the hosting and database platform and transactional email delivery. The current subprocessor list is maintained by ReconSight and available on request from temur@reconsight.io.
Encryption and secret handling
Data is encrypted in transit using TLS. Database credentials, service-role keys and connector secrets are stored in the platform's secret manager and are never embedded in the client bundle. Privileged keys are used only inside server-side admin paths.
Retention and deletion
Customer portfolio data, run results and audit events are retained for the duration of the subscription. On termination, customers may request export and deletion of tenant data. Specific retention windows and deletion timelines are agreed in the service contract — contact us for the wording that applies to your tenant.
Audit trail and maker-checker
Governed writes — overlay approvals, run executions, calibration changes — are recorded in an append-only audit log via a security-definer function. Overlays follow a maker-checker flow: the user who creates an overlay cannot approve their own request.
Privacy requests
Requests related to access, correction, export or deletion of personal data tied to a user account can be sent to temur@reconsight.io. Requests covering borrower-level data inside a tenant are handled by the tenant administrator, since ReconSight processes that data on the customer's behalf.
Security contact and vulnerability reporting
To report a suspected security issue or vulnerability, email temur@reconsight.io with a description and steps to reproduce. We acknowledge reports as soon as practical and coordinate on a fix and disclosure timeline. Please do not test against production tenants you do not own.
Shared responsibility
ReconSight operates the application, the IFRS 9 engine and the platform integrations described above. The underlying hosting and database platform provides the infrastructure controls. Customers remain responsible for managing their users and roles, the data they choose to upload, and their own regulatory obligations under IFRS 9 and applicable privacy law.
