Security

Data in Europe. Decisions traceable.

Vantnod's trust is not built on a single promise at the bottom of a page. It is built on visible product detail: who can see what, which source the information rests on, what Noa suggests, who confirms the decision, and what trace the work leaves.

Financial data is too important to be a black box. Vantnod is built so that data, roles, sources, changes, and approvals stay separable and verifiable.

Security is not just a technical layer. It is part of the experience.

Trust primitives

01 / 09

Security shows up before data moves.

Vantnod's security model starts before the first report, suggestion, or approval. The user has to understand who is acting, with what right, on which source, and where a decision requires human confirmation.

  1. [01]

    Data

    EU-first processing and storage designed for European financial data.

  2. [02]

    Roles

    Access is based on the task, not just on having an account.

  3. [03]

    Sources

    A record, suggestion, or note links back to a transaction, document, or receipt.

  4. [04]

    Decisions

    Approvals, changes, and user actions leave a verifiable trail.

  5. [05]

    Noa

    AI suggestions are kept separate from human decisions.

Noa & AI

02 / 09

Noa suggests. Humans decide.

Noa is built to assist financial interpretation, not to hide decisions inside automation. AI on financial data is only useful if the user can see what a suggestion is based on and what happens next.

  1. [01]

    Noa raises a flagSuggestion

    Noa can raise a flag, suggest an explanation, or help the user understand a change.

  2. [02]

    Bound to evidenceSource

    A suggestion must link to verifiable information: a transaction, invoice, receipt, report, or the user's own context.

  3. [03]

    Human confirmsBoundary

    Noa must not be an invisible decision-maker. When an action has financial impact, the user's role and approval are part of the model.

  4. [04]

    Layers stay separableTrail

    The AI suggestion, the human approval, and the final change stay separable from each other.

Roles and rights

03 / 09

The right view for the right person.

Financial work is not the same for everyone. A founder needs the whole picture. A team member may only need the view for their task. An accountant needs verifiable material. An external partner may need limited access to one thing only.

  1. [01]

    Owner

    Sees the company's whole picture, manages users, and is responsible for key decisions.

  2. [02]

    Team

    Sees and does only what relates to their task.

  3. [03]

    Accountant or finance partner

    Needs sources, approvals, and material in a verifiable form.

  4. [04]

    External user

    Access is scoped to the situation. Not everyone needs the full finance view.

Audit trail

04 / 09

Every decision keeps a route back to the source.

Audit cannot be a PDF you hunt for later or a detached log you find only when something goes wrong. It has to be born during the work itself. When the user approves, changes, or checks financial data, Vantnod has to show where it came from, who acted, what changed, and when.

Audit logIllustrative
Source
Which document, transaction, or receipt is this information linked to?
Actor
Who made the change, approval, or check?
Role
On what right did the user act?
Time
When did the change happen?
Change
What changed relative to before?
Decision
Was it a Noa suggestion, a human approval, or the user's own action?

Example row (illustrative)

2026-06-09 14:02 · Noa suggested · human approved · entry #-

Data and storage

05 / 09

An EU-first model for financial data.

Vantnod is built for European company and financial data. What matters is not only where the data sits, but also how it is accessed, who uses it, how changes are recorded, and how the user can understand the flow.

  1. [01]

    Storage

    Financial data storage is designed EU-first.

  2. [02]

    Processing

    Data is processed by task and purpose.

  3. [03]

    Access

    Access is scoped by role, company, and task.

  4. [04]

    Deletion and retention

    The user gets a clear answer to what is kept, why, and for how long.

  5. [05]

    Partners

    Core technology and processing partners are described openly when they relate to the user's data.

Partners and responsibilities

06 / 09

No vague "trusted partners" fog.

Many services hide critical technology and processing roles behind generic language. Vantnod's stance is different: if a partner is materially involved in financial-data handling, payments, analytics, infrastructure, or messaging, the role has to be described in a way the user can understand.

  1. [01]

    What does the partner do?

    Infrastructure, payments, messaging, analytics, integration, or another role.

  2. [02]

    Which data may it touch?

    Financial data, user data, payment data, technical logs, or other scoped information.

  3. [03]

    Where does the responsibility run?

    What is on Vantnod, what is on the partner, and what can the user control themselves?

Before you send data

07 / 09

Start with a description, not sensitive attachments.

If you're asking whether Vantnod fits, don't send sensitive attachments in the first message. Describe the situation at a general level first: country, company form, current finance stack, and the decision that too often waits for information.

Not yet:

  • personal identification numbers
  • payroll data
  • bank statements
  • receipts or invoices
  • customer lists
  • accounting files

If more detailed material is needed, we agree on a secure way separately. This is part of security: not everything should move before it is clear what we are solving.

Status

08 / 09

The security model grows with the product.

Vantnod's security model evolves with the product. The security page states principles. The changelog shows what actually changes.

Shipped
A feature or behaviour that is in use.
Beta
A model in limited use that is being refined based on feedback.
Roadmap
An identified and planned need that is not yet complete.
Design decision
A product-architecture or accountability decision that guides how things are built.

Closing

Bring the financial data only after trust is clear.

Vantnod's security is built on visible responsibility: sources, roles, approvals, Noa's boundaries, and the audit trail.

You can ask, for example, where data is stored, who can access it, what Noa is allowed to suggest, how human approval is separated from the AI suggestion, how roles work with a team or an accountant, and how data is deleted or scoped.

Ask first. Bring the data only after you know how it will be handled.