We handle institutional portfolio data. Here's exactly how it works — no vague promises, just the technical reality.
We're not going to hide behind buzzwords. This page explains, in plain language, every system we use, what data goes where, and what happens to it. If you have questions, email rivarainsights@gmail.com.
When you create an account, your password is hashed with bcrypt using a cost factor of 12. That means we never store your actual password — only a one-way hash. Even if someone accessed our database, they couldn't reverse it.
When you sign in, we issue a JSON Web Token (JWT) signed with HS256. This token expires after 1 hour. Your browser stores the token and sends it with every request so the server knows who you are. When it expires, you'll be asked to sign in again.
We don't use third-party auth providers (no Google sign-in, no Auth0). Your credentials stay between you and our server. Password reset emails are sent via Resend (see Third-Party Services below).
When you upload a portfolio spreadsheet, the file is parsed in memory on the server. We extract the numbers (managers, returns, weights, benchmarks) and store them in the database. The original file is not stored. We don't keep your Excel file — only the structured data from it.
Every piece of data in the database is scoped to your organization. When you create an account, an organization is created for you. All your portfolios, benchmarks, AI conversations, and settings belong to that organization. API routes verify your organization ID on every request — you can't access another organization's data.
All analytics (attribution, risk metrics, stress tests, etc.) are computed on the fly from your stored data. We don't pre-compute or cache your results — every chart you see is calculated fresh from the source numbers.
The AI analyst uses Anthropic's Claude API — specifically the claude-sonnet-4-6 model. Here's exactly what happens when you ask a question:
1. Your question is sent to our server. If portfolio context is turned on, we pull your portfolio data (managers, returns, weights, benchmarks) from our database and include it in the prompt so Claude can compute answers.
2. The prompt — your question plus the portfolio context — is sent to Anthropic's API. Anthropic does not train on API data. Per their policy: data sent via the API is not used to train models, is not stored beyond the request, and is processed under their SOC 2 Type II certification.
3. Claude streams back a response, which we display in the panel. The response is saved in our database (tied to your organization) so you can reference past conversations.
What Claude sees: Your question, your portfolio data (if context is on), any recent macro data (Fed rates, VIX, spreads), and your conversation history for the current session. Claude does not have access to your account credentials, other users' data, or our database directly.
What Claude does not see: Other organizations' data, your password, your email, or any data you haven't explicitly shared via the analyst.
The statement parser uses Claude Haiku (claude-haiku-4-5) to extract data from manager statement PDFs. Here's the flow:
1. You upload a PDF. The file is read in memory — it's not written to disk or stored anywhere permanently.
2. The PDF is converted to base64 and sent to Anthropic's API along with a structured extraction prompt. Claude reads the document and returns the extracted fields (returns, AUM, benchmark, period, etc.) as structured data.
3. We show you the extracted data for review. Nothing is written to your portfolio until you explicitly approve it.
4. After processing, the PDF data is discarded from memory. We do not store the original PDF. Anthropic does not store it either (API data retention is zero).
We use OpenAI's text-embedding-3-small model to create embeddings — numerical representations of text. This powers the "institutional memory" feature: when you have conversations with the AI analyst, we embed the Q&A pairs so the system can retrieve relevant past context for future questions.
The embedding process sends only the text of your conversation (not your raw portfolio data) to OpenAI's API. OpenAI's API data policy: data sent via the API is not used for training and is not stored beyond the request.
The resulting embeddings (vectors of numbers, not readable text) are stored in our database using pgvector (a PostgreSQL extension) alongside the original text, scoped to your organization.
Hosting: The application runs on Vercel. All traffic is encrypted with TLS 1.3 — the connection between your browser and our servers is always encrypted. Vercel is SOC 2 Type II certified.
Database: We use Neon, a serverless PostgreSQL provider. Your data is encrypted at rest with AES-256. Connections use SSL. Neon is SOC 2 Type II certified. The database is in the US East region.
No self-managed servers. We don't run our own infrastructure. Everything runs on managed, audited platforms. This means we benefit from their security teams, patching, and compliance programs without maintaining our own data centers.
We use Resend for transactional emails — account verification, password reset, and contact form submissions. Resend receives only the email address and the email content. No portfolio data is ever included in emails.
Portfolio uploads accept .xlsx files up to 10MB. Statement uploads accept .pdf files up to 32MB. Files are validated for type and size before processing.
All file processing happens in memory on the server. Files are parsed, validated, and the structured data is written to the database. The original files are never stored on disk, in cloud storage, or in the database. Once the request completes, the file data is garbage-collected.
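The type and size validation described in the two paragraphs above, as an added example that is not Rivara's code. The limits are the page's own (.xlsx up to 10MB, .pdf up to 32MB). The check runs entirely on the in-memory buffer before any parser touches it. It goes one step beyond the page's "type and size" by also sniffing the leading bytes (the zip signature for .xlsx, "%PDF-" for PDF), which is an assumption about the implementation, not something the page states. Names (validateUpload, LIMITS) and the sample buffers are constructed for this example.

```javascript
// Added example, not the project's code. Standard library only.

// Per-upload-kind rules. Sizes are from the page; the magic bytes are an
// added check: .xlsx is a zip container ("PK\x03\x04"), PDFs begin "%PDF-".
const LIMITS = {
  portfolio: { ext: '.xlsx', maxBytes: 10 * 1024 * 1024, magic: Buffer.from('PK\x03\x04', 'latin1') },
  statement: { ext: '.pdf',  maxBytes: 32 * 1024 * 1024, magic: Buffer.from('%PDF-', 'latin1') },
};

// Returns { ok: true } or { ok: false, reason }. `kind` is 'portfolio' or 'statement'.
// Cheap checks (size, name) run before the content check so oversized bodies are
// rejected without inspection.
function validateUpload(kind, filename, bytes) {
  const rule = LIMITS[kind];
  if (!rule) return { ok: false, reason: 'unknown upload kind' };
  if (!Buffer.isBuffer(bytes)) return { ok: false, reason: 'no file body' };
  if (bytes.length === 0) return { ok: false, reason: 'empty file' };
  if (bytes.length > rule.maxBytes) return { ok: false, reason: `exceeds ${rule.maxBytes} bytes` };

  // Extension check on the client-supplied name: strip any path, compare case-insensitively.
  const base = String(filename).split(/[\\/]/).pop().toLowerCase();
  if (!base.endsWith(rule.ext)) return { ok: false, reason: `expected ${rule.ext}` };

  // Content check: the filename is client-controlled, the leading bytes are what the parser will see.
  if (bytes.length < rule.magic.length || !bytes.subarray(0, rule.magic.length).equals(rule.magic)) {
    return { ok: false, reason: 'content does not match declared type' };
  }
  return { ok: true };
}

// Constructed sample bodies, just large enough to carry the signatures.
const tinyXlsx = Buffer.concat([Buffer.from('PK\x03\x04', 'latin1'), Buffer.alloc(64)]);
const tinyPdf = Buffer.from('%PDF-1.7\n% constructed sample\n', 'latin1');
```

Ordering matters here: the size check comes first so that the server never spends parser time on a body it will reject anyway, and the magic-byte check means a renamed file is caught before it reaches the spreadsheet or PDF parser.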
Questions about our security practices? We're happy to go deeper on any of this.
rivarainsights@gmail.com