Kerdora takes the security of your client data seriously. Here's a plain-English overview of how we protect it.
How Your Data Is Stored
All client data lives in a PostgreSQL database hosted on secure infrastructure. Kerdora uses an event-based architecture, which means every change you make (adding an account, updating a goal, editing a field) is recorded as an individual event. This creates a complete audit trail of every action taken in a client's file, by whom, and when.
Your data is isolated by account. You can only see your own clients, and your clients can only see the data you've chosen to share with them through the portal.
Authentication and Passwords
When you create an account, your password is hashed using bcrypt (an industry-standard algorithm) before it's stored. Kerdora never stores your actual password in plain text.
You can also sign in with Google if you prefer.
Sessions expire after 7 days of inactivity, and each session tracks the device and IP address for security monitoring. If you sign out, your session is immediately invalidated.
Encryption
All data transmitted between your browser and Kerdora's servers is encrypted using HTTPS (TLS). This applies to everything: logins, client data, file uploads, and account aggregation connections.
Access Control
Kerdora has two roles: advisor and client.
Advisors have full access to their own clients' data, planning modules, and settings.
Clients can only access the portal for households they've been invited to. They can view Guides you've shared, update their own balances and cashflow, upload documents, and check off tasks. They can't access planning assumptions, the Extractor, or other advisor-only features.
Every API request verifies the user's role and checks that they have permission to access the specific client they're requesting. Unauthorized requests are rejected.
Third-Party Services
Kerdora shares data with a small number of third-party services, each for a specific purpose:
MoneyKit (account aggregation) — When a client links their financial accounts, MoneyKit securely connects to their bank or brokerage and sends balance, holdings, and transaction data to Kerdora. MoneyKit uses signed webhooks (JWT-verified) and token-based authentication. Kerdora never sees your clients' bank login credentials.
Stripe (billing) — Handles subscription payments. Kerdora doesn't store credit card numbers.
Intercom (support chat) — Powers the in-app chat widget. Uses identity verification (HMAC) so support conversations are tied to authenticated users.
Kerdora does not sell your data to third parties. There's no ad tracking, no data brokering, and no sharing of client information for marketing purposes.
Document Uploads
When you or your clients upload files (through the Extractor or the Documents tab), Kerdora restricts uploads to specific file types: PDFs, images (JPEG, PNG), Word documents, Excel files, and CSVs. There's a 200 MB size limit per file. Uploaded documents are stored securely and are only accessible within the client file they belong to.
What We Don't Do
We don't store passwords in plain text.
We don't share client data with advertisers or data brokers.
We don't give any third party blanket access to your data.
We don't retain bank login credentials (MoneyKit handles that connection directly).
If you have specific security questions or need documentation for your firm's compliance review, reach out to us at info@kerdora.com or through the in-app chat.
Updated 3/12/2026