Security & Data

All data transmitted between your browser and Guilded is encrypted using TLS 1.3. Passwords are never stored in plaintext — they are hashed using Argon2, a memory-hard algorithm designed to resist brute-force attacks.

When you upload a credit report PDF, our system extracts the text content and then permanently deletes the raw file. We do not store PDFs. Only the structured account data extracted from the report is retained — and only for as long as your account is active.

Guilded staff can access account metadata (email, tier, usage counts) for support purposes. We cannot read your credit report content unless you explicitly share it in a support ticket. Your financial data is yours.

Guilded runs on secured infrastructure with access controls, automated backups, and monitoring. Our database uses row-level encryption for sensitive fields. Authentication tokens expire after 30 days.

Billing is handled by Stripe, a PCI DSS Level 1 certified payment processor. Guilded never sees, stores, or logs your payment card details. We receive only transaction confirmation and subscription status.

AI responses are generated by OpenAI's API. Your prompts and our responses are transmitted to OpenAI for processing. We do not store conversation history server-side beyond the current session. Review OpenAI's privacy policy at openai.com/privacy.