Integration Security & Permissions

How integrations are secured, governed, and controlled.

Security Teams, IT Administrators, Procurement

1. Security-First Integration Philosophy

FinanceModel integrations are designed with security as a foundational principle, not an afterthought. Every integration follows consistent security standards to protect your data and maintain trust.

Least-Privilege Access

Integrations request only the minimum permissions required for their specific function. We never request broader access than necessary, and permissions are scoped to the narrowest practical level.

Explicit User Authorization

Every integration requires your explicit authorization before it can access any data or external system. You must actively confirm each connection — integrations are never enabled automatically.

No Silent Data Access

FinanceModel never accesses external data without your knowledge. There is no background syncing, no automatic data collection, and no silent connections to external systems.

2. Authorization & Access Control

Authorization for integrations follows a consistent model designed to give you control while maintaining security boundaries.

Authorization Model

User-Initiated Authorization

All integrations begin with a user action. You must explicitly choose to connect an integration.

Scope-Limited Access

Each integration has defined boundaries. Access does not extend beyond what is required for the specific function.

Organization-Scoped Permissions

For enterprise accounts, integrations respect organizational boundaries. Access is limited to your organization's data.

Consent Recording

Authorization decisions are recorded for audit purposes. You can review what integrations are connected to your account.

Access Control Boundaries

  • Integrations cannot access data from other users in your organization unless explicitly shared
  • File-level integrations access only the files you explicitly select
  • API integrations are scoped to authorized actions only
  • Admin-level integrations require appropriate organizational permissions

3. Data Handling & Isolation

Data accessed through integrations is handled according to the same security standards as directly uploaded content. Isolation boundaries ensure your data remains protected.

Data Access Principles

1. Authorized Scope Only

Integrations access only the data you have authorized. No browsing or scanning of data beyond the authorized scope.

2. Encrypted Transfer

All data transferred through integrations is encrypted in transit. Unencrypted connections are not permitted.

3. Storage According to Policy

Data imported through integrations is stored according to our standard data retention and security policies.

Isolation Guarantees

Organization-Level Isolation

Your data is isolated from other organizations.

No Cross-Tenant Access

Integrations cannot access data across tenants.

User-Level Boundaries

Within organizations, user permissions apply.

Separate Credential Storage

Integration credentials are stored separately.

4. Integration Lifecycle

Integrations follow a defined lifecycle from authorization to revocation. You maintain control throughout this lifecycle.

Lifecycle Stages

1. Authorization

You initiate a connection and explicitly grant access. You are informed of what the integration will access before confirming.

2. Active Connection

The integration operates within its authorized scope. You can use the integration for its intended purpose while it remains connected.

3. Revocation

You can disconnect the integration at any time. Revocation takes effect immediately, and the integration can no longer access your data.

Effect of Revocation

  • Integration immediately loses access to external data sources
  • Data already imported to FinanceModel remains in your account (unless you delete it)
  • API credentials associated with the integration are invalidated
  • You can re-authorize the same integration later if needed

5. Monitoring & Audit

Integration activity is logged and auditable to support security review and compliance requirements.

What Is Logged

Authorization Events

When integrations are connected or disconnected, including timestamp and user.

Data Access Events

When integrations access or transfer data, for accountability and troubleshooting.

Error and Failure Events

When integration operations fail, for support and security investigation.

Audit Capabilities

Activity History

Review integration activity over time.

Timestamp Records

Events include accurate timestamps.

User Attribution

Actions are attributed to users.

Export for Review

Enterprise plans can export audit data.

Important Limitations

  • Real-time monitoring dashboards are not currently available
  • Audit log retention follows standard data retention policies
  • Some audit features may require an enterprise plan

6. Limitations & User Responsibility

While we implement security controls, users also have responsibilities in managing integrations. The following limitations and responsibilities apply:

User Responsibilities

Managing Access

Users are responsible for reviewing and managing their active integrations. We recommend periodic review of connected integrations.

Credential Security

Users should protect their account credentials. Compromised credentials could allow unauthorized integration access.

Revoking Unused Integrations

Users should disconnect integrations they no longer use to reduce potential exposure.

Data Verification

Users should verify data imported through integrations before relying on it for critical decisions.

Platform Limitations

  • Integration maturity varies: Different integrations may have different maturity levels. Check Feature Status for details.
  • Subject to governance policies: Integration availability may be affected by governance and compliance requirements.
  • Not all integrations available to all users: Some integrations require specific plans or organizational settings.
  • External service dependencies: Integration availability may depend on external services we do not control.

Questions About Integration Security?

For detailed security questions or enterprise security review requirements, contact our team.
