No. Antei does not store or access sensitive financial information such as card details, CVVs, or payment methods. We only ingest scoped, read-only data related to compliance and taxation (e.g., invoice totals, tax rates, customer metadata).

Data is stored in encrypted PostgreSQL databases hosted on Google Cloud Platform (GCP). Additionally, structured compliance files and audit logs are stored in Cloudflare R2.

We use OAuth 2.0 Authorization Code Flow for all supported third-party integrations. Access tokens are securely stored, scoped per organization, and regularly refreshed or revoked when needed.

Failed syncs are automatically retried with backoff logic. If failures persist, they’re logged in the Org Settings → Logs section and optionally notified via email.

Yes. Antei supports full data erasure workflows under GDPR and DPDP. You can request deletion at the entity level (e.g., invoices) or organizational level.

This feature is available for enterprise clients. Please contact support to configure IP-restricted dashboard access or API allowlisting.

We operate in accordance with SOC 2-aligned controls across access management, audit logging, encryption, and incident response. A formal audit report can be made available to enterprise customers under NDA.

Yes. We offer Data Processing Agreements (DPAs) for customers upon request. Contact legal@antei.com to initiate the process.