Security

Built to be trusted with the financial data

Numbers traced to source data. Every access controlled. Every action logged. The trust foundation behind every Planir output.

Book a Demo Read our security overview
Audit log
09:14 J. Wang
09:22 M. Lee
09:41 A. Tan
10:03 S. Kumar
SOC 2
AES-256
MFA
Azure
Trusted by leading finance teams

Built on three architectural commitments

The security posture starts at the data model, not at the network perimeter.

Numbers from source data

Every figure traceable to your accounting system, not generated by a language model.

  • Numbers in every Planir output computed deterministically from source data
  • The narrative around the numbers can be drafted; the numbers themselves are not
  • The answer to "where did this figure come from?" is always your accounting system

Granular access controls by company and GL account

Access scoped to what each user needs to see. Nothing more.

  • Permissions by entity, GL account, and role
  • One user sees one entity, a group user sees the consolidated view
  • The same dashboard serves multiple audiences without exposing data

Every action logged, every change traceable

Audit-grade lineage from final report back to source accounting data.

  • Every sync, report, override, and configuration change logged
  • Timestamp, user, and before-and-after state on every entry
  • Lineage runs from the final number back to the source transaction

Security at every layer

Four operational commitments behind every Planir environment.

Data Protection
Access and Authentication
Compliance and Certifications
Infrastructure Security

Source data, reports, and budgets encrypted at rest and in transit.

  • AES-256 encryption for data at rest and in transit
  • Secure, redundant data centres with geographic distribution
  • Automated daily backups with disaster recovery
  • Data residency options to meet regional requirements

Permissions by company and GL account. MFA enforced, session timeouts built in.

  • Session management with automatic timeout and secure logout
  • Multi-factor authentication (MFA) for all users
  • Role-based access controls for team management
  • Comprehensive audit logs for compliance reporting

SOC 2 Type II compliant. Built for SOX, ISA 610, and PE-grade governance.

  • SOC 2 Type II compliant
  • Regular vulnerability scanning and security assessments
  • Secure software development lifecycle (SDLC) practices
  • Regular third-party security audits and penetration testing

Hosted on Azure with 99.9% uptime, 24/7 monitoring, and documented incident response.

  • Cloud-native architecture on Microsoft Azure
  • 99.9% uptime SLA commitment
  • 24/7 security monitoring and threat detection
  • Documented incident response procedures

Common questions

Who has access to my data inside Planir?
Only the users you grant access to, scoped by the role-based controls you configure. Within Planir, internal access to customer data is restricted to a small operational team for support and incident response purposes, with every access event logged and auditable.
Can I restrict access by entity and by GL account?
+
Yes. Role-based access controls operate at the company level and the GL account level. Grant a user access to one entity, multiple entities, the full group, or a subset of GL accounts within an entity. MFA is enforced for all users, with session management and automatic timeout built in.
Is my financial data used to train AI models?
+
No. Customer financial data is never used to train the models behind Planir. Models draw on your data at the time of use, with the audit trail capturing every access event, but are not retrained on your data. Your data stays your data.
What happens if there is a security incident?
+
Documented incident response procedures with 24/7 monitoring across the infrastructure. In the event of an incident affecting customer data, affected customers are notified in line with applicable regulatory requirements and contractual commitments. The audit trail captures every system event, which supports forensic review and remediation.
Where is my data stored?
+
Hosted on Microsoft Azure with secure, redundant data centres and geographic distribution. Regional data residency options are available for customers with specific compliance requirements. Automated daily backups and disaster recovery are built in.
Is Planir SOC 2 compliant?
+
Yes. Planir is SOC 2 Type II compliant. The platform maintains a secure software development lifecycle, regular third-party security audits, and regular penetration testing and vulnerability scanning. Detailed compliance documentation is available on request during procurement.
What is the uptime commitment?
+
A 99.9% uptime SLA with 24/7 monitoring of the infrastructure. The cloud-native architecture is built for redundancy and disaster recovery, so your reporting cycle does not depend on infrastructure you cannot rely on.
Can I export all my data if I leave Planir?
+
Yes. Data ingested into Planir remains your data. Export your data at any time during your subscription and for a defined period after cancellation, in standard formats suitable for migration or archival.

Security questions before you commit

Speak to our team about the specific security and compliance requirements your board, audit committee, or investors are asking about.

Book a Demo Read our security overview