Security and trust, by design.
Equyt is built for finance teams who can't afford to get this wrong. Read-only access that can never move your funds, your data encrypted and isolated to your own workspace, and an audit trail behind every number.
Not a checklist bolted on at the end. The way Equyt connects, stores, and records your data is designed around a few firm commitments.
Equyt connects with read-only credentials that carry no withdrawal permission. It can never move, withdraw, or hold your Bitcoin.
We never sell or share your data, and never use it for anything beyond producing your close. You can revoke Equyt's access at any time.
Everything is encrypted on the wire and in storage. Connection credentials are sealed with envelope encryption in a managed key store, never written to disk or logs in the clear.
Each customer's data is partitioned at the database level. Your treasury, books, and evidence live in your Equyt workspace, for you and the people you invite.
Every action and change is recorded, attributable, and immutable. Nothing is quietly edited away; corrections are made in the open.
Every figure traces back to a source record, a price source, and a workpaper, so you can always show exactly how a number was reached.
The most important security property is the simplest one: there is no path through Equyt to your funds.
We request the narrowest read-only scope each provider offers. Moving or withdrawing funds is not a permission we hold.
We connect through watch-only data (xpubs and output descriptors) and read-only exchange keys. We never hold your private keys, seed phrases, wallets, or accounts. You keep custody; Equyt keeps your books.
Equyt does not place orders or move balances between your venues. It accounts for what happened; it does not act on your behalf.
Across every custodian and exchange, Equyt uses the narrowest read-only credentials available. Even in a worst-case compromise, there is no permission on our side that could move your Bitcoin.
Data flows one way: in, and read-only. Everything Equyt touches is something it can read and account for, never something it can move.
No withdrawal path. Ever. Equyt holds no permission that could move, withdraw, or trade your assets. That is a property of the design, not a setting we leave switched off.
From the moment you connect a source to the day you disconnect it, the handling is the same, and it stays yours to control.
You link custodians, exchanges, and your accounting system with read-only credentials.
Credentials are sealed in a managed key store; all data is encrypted in transit and at rest.
Your data is partitioned to your own workspace, separate from every other customer.
Every access and action is written to an append-only audit log.
Disconnect any source, or close your account, whenever you choose.
The close is a controlled process, so Equyt is built around the same separation of duties your auditor expects to see.
Preparer, reviewer, and approver are distinct roles. The person who assembles a close is not the person who approves it, and entries are reviewed before they post.
Accounts are protected with multi-factor authentication, and sessions time out on inactivity. Access to your workspace is always yours to grant and revoke.
SAML single sign-on and SCIM provisioning for enterprise teams are on the near-term roadmap, so access can follow your own identity provider.
Invite only the people who need access, scoped to their role. Remove them, or disconnect a source, the moment that changes.
Equyt runs on a SOC 2-aligned cloud, on managed, isolated infrastructure that is entirely separate from this website.
Read-only credentials are sealed with envelope encryption in a managed key store. Plaintext keys never touch disk or logs.
Every record carries your tenant identity, enforced by row-level security in the database, with application-level scoping on top.
We rely on a short list of reputable infrastructure providers, and we will share that list, with a Data Processing Agreement, on request.
Send us your vendor security questionnaire, or request our security package: the sub-processor list, our DPA, and an architecture overview. We are glad to work under NDA.
Least privilege, encryption, access logging, and change management are part of the design, not a retrofit.
Equyt is in active development. This page describes the principles the product is being built around and the commitments behind it, not certifications we hold today. We will not claim controls we have not earned, and independent attestation is on the roadmap as Equyt matures.
Reproducibility is a control, not a feature. An append-only ledger plus retained evidence means the answer to "show me how you got this number" is always available, which is the foundation a SOC 2 program sits on.
Security is also a set of habits. These are the operational practices Equyt is built and run on.
Access to production systems and customer data is limited to the people who need it, logged, and reviewed. Most of our team never touches your data.
Changes go through code review and automated dependency scanning. Independent penetration testing is planned as we scale.
Systems and access are continuously logged and monitored, on top of the append-only audit trail that sits behind your books.
Your data is held on encrypted, regularly tested backups, with defined recovery objectives so a bad day stays recoverable.
We maintain an incident-response process, and we commit to notifying affected customers promptly if something ever goes wrong.
Export your data whenever you like. When you leave, we delete it on a defined schedule rather than holding it indefinitely.
Equyt is in active development. This section describes the operational practices we are building and committing to; some deepen as the product and team grow, and we will not claim a control before it is real.
We welcome reports from security researchers. Email the details and we will respond, and we ask for reasonable time to investigate before any public disclosure.
Book a demo and we'll take your finance team, and your auditor, through exactly how the controls work.