Security

Your data
is safe
with us.

Every transaction you log with Brikl is protected with industry-standard security. Here is exactly how we protect your business data.

Security Measures

How we protect
your data.

Data in TransitEncryption

TLS 1.2+ Encryption

All data transmitted between your WhatsApp, our servers, and third-party AI processors uses TLS 1.2 or higher. Man-in-the-middle attacks are not possible on our platform.

Data at RestEncryption

AES-256 Storage

All stored data — transaction records, business profiles, quote history — is encrypted at rest using AES-256, the same standard used by financial institutions worldwide.

Access ControlAuthentication

Identity via WhatsApp

Your Brikl account is tied exclusively to your WhatsApp phone number. No email, no password, no login — only someone with physical access to your phone can send messages to Brikl.

Receipt ProcessingData Minimisation

Images Never Stored

Receipt screenshots you forward to Brikl are processed in real-time to extract the payment amount. The original image is permanently deleted after extraction — never stored in our systems.

InfrastructureInfrastructure

SOC 2 Compliant Hosting

All Brikl infrastructure runs on cloud providers that maintain SOC 2 Type II compliance. Server access is restricted to authorised engineers via multi-factor authentication.

Internal AccessAccess Control

Role-Based Access Controls

Access to production user data is restricted to essential personnel only, via role-based access controls. All internal access is logged and audited.

Vendor SecurityVendor Management

Third-Party Audits

All third-party processors (AI providers, cloud infrastructure) are contractually bound to equivalent security standards and are evaluated annually.

Incident ResponseIncident Response

72-Hour Notification

In the event of a data breach, we will notify affected users within 72 hours via WhatsApp, in compliance with the Nigeria Data Protection Act 2023.

Our Commitment

Security by numbers.

AES-256

Encryption Standard

All stored data is encrypted with AES-256, the same standard used by major banks and financial institutions worldwide.

72hrs

Breach Notification

In the unlikely event of a security incident, we will notify all affected users within 72 hours via WhatsApp.

0 images

Stored After Processing

Receipt screenshots are processed instantly and deleted. We never retain the original image — only the extracted data.

Responsible Disclosure

Found a vulnerability?

We take security reports seriously. If you believe you have found a security vulnerability in Brikl, please contact us responsibly before public disclosure.

Send details to security@brikl.ai with a description of the issue, steps to reproduce, and potential impact. We will acknowledge your report within 24 hours and aim to resolve critical issues within 7 days.

We do not offer a formal bug bounty programme at this time, but we recognise security researchers who help us improve in our release notes.

Report a Vulnerability

Your datais safewith us.

How we protectyour data.