HeyDividend Security

Secure, private, owned by you

The most complete picture of your dividend portfolio, on the most secure platform we know how to build.

Contact security Trust center
Powered by HeyDividend

The most capable dividend AI, built on a fortress

Every layer — frontend, API, AI, database — is monitored, audited, and scanned continuously. If something looks wrong, we know about it before you do.

Enterprise-grade

Enterprise-grade security & privacy

With HeyDividend, your portfolio data lives in your tenant, is never used for AI training, and is never shared with third parties. Period.

How we protect you

Six commitments we make to every customer

Encrypted end-to-end

TLS 1.3 in transit. AES-256 at rest. Brokerage tokens are encrypted at the column level with a separate KMS-managed key.

Read-only by default

Plaid issues read-only tokens. We physically cannot place a trade or move funds out of your accounts.

Your data is yours

We never sell, share, or use your portfolio for ad targeting. Export everything as JSON or CSV at any time. Delete on request, immediately.

Modern auth

Google OAuth, magic-link OTP, and JWT sessions with rotation. Optional WebAuthn passkeys for Pro and Enterprise.

Audited & compliant

SOC 2 Type II in progress. GDPR and CCPA compliant. Public Trust Center with sub-processor list and incident history.

Defense in depth

Per-tenant database isolation, role-based authorization, and continuous SAST/DAST scanning on every deploy.

Disclosures

Questions about how we protect your data?

Read the privacy policy, browse our sub-processor list, or reach the security team directly — we answer every disclosure in good faith.

Privacy policy Contact security →