Security overview
Credit-report data is sensitive. The product is designed to treat it that way.
Data protection
DearBureau uses encrypted network connections for data in transit and encrypted storage for sensitive report information at rest. Production access is restricted to the systems and people needed to operate and support the service.
Tenant isolation
DearBureau runs on a tenant-aware platform. Requests are resolved by the configured host, and tenant identity travels with account, document, billing, email, and workflow records. The app refuses unconfigured domains instead of silently falling back to another brand.
Payments
Card details are entered into hosted fields supplied by the payment provider. DearBureau receives a payment token and limited payment-method details rather than storing a full card number in the app.
Mail and email
Outbound email and optional mailed documents are tenant-branded and tied to the relevant tenant and user workflow. Delivery and suppression events are tracked so failed or blocked messages are not blindly retried.
Your part
- Use a unique password and keep access to your email account secure.
- Do not share report files or workspace links with people you do not trust.
- Review recipient addresses and every document before approval or mailing.
- Contact support promptly if you suspect unauthorized access.
Report a security concern
Send a clear description, affected URL, and safe reproduction steps to support@dearbureau.com. Do not include a full Social Security number, password, or full credit report in the first email.