Security

SYNQ handles financial data, so security is built in from the start.

Your books stay in your control

SYNQ connects to Xero over OAuth and posts journals on your behalf. You can review what it does and revoke access at any time from Xero.

Connection tokens and secrets are encrypted at rest. SYNQ stores only what it needs to post and reconcile journals.

We request the minimum Xero scopes required to post manual journals and read the reports you ask for, nothing more.

Every journal line is source-tagged and traceable back to the originating transaction, so reviews and audits are straightforward.

SYNQ runs on Microsoft Azure with managed Postgres and Azure Communication Services for email.

We are building toward formal certification (SOC 2) as we move from early access to general availability.

Security questions? Email minal@somaniglobal.com.