ClearStaq
ClearStaq
Bank Statement ParsingTax Return ParsingFinancial AnalysisFraud DetectionIncome VerificationAPI & Webhooks
For MCA BrokersFor LendersFor CPAs & Accountants
IntegrationsPricing
BlogSecurityAbout UsRequest a DemoContact
Log inStart Free Trial

50 documents free. No credit card required.

SECURITY

Security isn't a feature. It's the foundation.

Bank statements are the most sensitive financial documents your clients have. We treat them that way.

Enterprise compliance, standard

ClearStaq meets the security requirements of the most demanding financial institutions.

SOC 2 Type II

Independently audited controls for security, availability, and confidentiality.

PCI DSS

Payment Card Industry Data Security Standard compliant infrastructure.

GDPR

Full compliance with EU data protection and privacy regulations.

CCPA

California Consumer Privacy Act compliant data handling.

ISO 27001

International standard for information security management.

Enterprise-grade infrastructure

Built on AWS with multiple layers of security at every level.

Encryption at Rest

AES-256 encryption for all stored data. Keys managed via AWS KMS with automatic rotation.

AES-256 encryptionAWS KMS managed keysAutomatic key rotation

Encryption in Transit

TLS 1.3 for all data transmission. Certificate pinning for API connections.

TLS 1.3 minimumCertificate pinningPerfect forward secrecy

Network Security

Multi-layer network protection with WAF, DDoS mitigation, and intrusion detection.

VPC isolationWAF protectionDDoS mitigationIDS/IPS

Access Controls

Role-based access with MFA, least privilege principles, and just-in-time provisioning.

RBAC enforcementMFA requiredLeast privilegeJIT access

We process your documents. We don't keep them.

Your documents are processed in isolated environments and deleted immediately after parsing.

Upload

Document uploaded via encrypted channel

Parse

Processed in isolated container

Deliver

Results returned to your system

Delete

Document permanently removed

What we store

  • Parsed transaction data (JSON)
  • Fraud analysis results
  • Income verification summaries
  • API request logs (anonymized)

What we DON'T store

  • ×Original PDF documents
  • ×Account numbers
  • ×Personal identifying information
  • ×Raw statement images

Your data never trains our models.

We use Google's Gemini API under a Data Processing Agreement (DPA) that explicitly prohibits using your data for model training. Your documents are processed and forgotten.

Google Cloud DPA in effect

Continuous security assurance

We don't just set up security and forget about it. We actively monitor, test, and improve.

24/7 Monitoring

Continuous security monitoring and alerting

Annual Pen Testing

Third-party penetration testing by certified firms

Bug Bounty Program

Responsible disclosure program for security researchers

Incident Response

Defined SLAs for security incident handling

Questions about security?

Our security team is happy to walk through our practices, provide documentation, or answer any compliance questions.

Start free — no credit card required

Take back your time and automate loan underwriting

Join 500+ lending teams using ClearStaq to parse statements, catch fraud, and verify income — all in under 5 seconds.

No credit card required. 50 free parses/month. Upgrade anytime.