AutoCalc

Trust & Security

Last updated: May 2026

1. What we promise

AutoCalc does not store payslip files. When you upload one, the bytes are sent to our document-parsing service and then discarded. We never write the file to disk or any database.

This applies to every upload, every user, no exceptions. If our team needs sample documents to test or improve the parser, we use our own test fixtures — not files uploaded by brokers.

What we do keep is the structured data extracted from the document (e.g. employer, gross pay, allowances), and only inside the saved cases you create. You can delete those cases at any time. See the retention table in section 7.

2. Redact before you upload

Before a payslip is uploaded, you see a full preview of it inside your own browser and can black out anything you don't want to share — tax file numbers, bank account details, addresses. AutoCalc finds those fields automatically and highlights them for you — one click hides a highlighted field, and you can draw your own boxes before anything is sent. You stay in control: nothing is hidden (or kept visible) without your say-so.

Redaction is real removal, not a sticker. Some PDF tools draw a black box over text while the words remain underneath, ready to be copy-pasted out. AutoCalc instead converts the document to a flat picture with the boxes burned in. The original file — hidden text and all — never leaves your computer. What we receive contains no trace of what you covered.

See it for yourself, no technical skills needed: turn off your Wi-Fi after choosing a file. The preview and redaction still work, because they run entirely on your device. Nothing is uploaded until you press the upload button.

For your IT or compliance team

The preview is rendered with a locally bundled copy of PDF.js served from our own domain; no third-party scripts or CDNs are fetched on this path. Verification: open the browser's developer tools, select the Network tab, then choose a payslip. No request leaves the browser until the upload button is pressed. If you have blacked anything out, the request contains only the flattened, redacted copy, a rasterized image with no text layer; the original file with the covered content is never transmitted. If you apply no redactions, the file is sent as-is.
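To make the overlay-versus-flatten distinction concrete, here is an added illustration written for this page; it is not AutoCalc's code and does not use PDF.js. A toy page model (text runs with bounding boxes, one cell per character) stands in for a real PDF renderer, and the payslip lines, the TFN digits and the box coordinates are all constructed. A "sticker" overlay leaves the text layer extractable, while flattening returns pixels only, with the covered region uniformly black.

```typescript
// Added illustration, not AutoCalc's code: a toy page model stands in for PDF.js so the
// overlay-vs-flatten difference can be checked without a PDF library.
type Box = { x: number; y: number; w: number; h: number };
type TextRun = { text: string; box: Box };

// A page as a PDF viewer sees it: a selectable text layer plus any overlay annotations.
type PdfPage = { width: number; height: number; runs: TextRun[]; overlays: Box[] };

// Output of real redaction: a grid of grey levels (0 = black, 255 = white) and nothing else.
type RasterPage = { width: number; height: number; pixels: Uint8Array };

// Constructed sample page, one text cell per character; the TFN digits are made up.
const samplePage: PdfPage = {
  width: 40,
  height: 4,
  runs: [
    { text: "Employer: Acme Pty Ltd", box: { x: 0, y: 0, w: 22, h: 1 } },
    { text: "TFN: 123 456 782", box: { x: 0, y: 2, w: 16, h: 1 } },
  ],
  overlays: [],
};

// "Sticker" redaction: adds a black rectangle annotation but leaves the text layer untouched.
function overlayRedact(page: PdfPage, box: Box): PdfPage {
  return { ...page, overlays: [...page.overlays, box] };
}

// What copy-paste or a text extractor recovers: overlays play no part.
function extractText(page: PdfPage): string {
  return page.runs.map((r) => r.text).join("\n");
}

// Render the text layer to pixels: every non-space character blackens one cell.
function rasterize(page: PdfPage): RasterPage {
  const pixels = new Uint8Array(page.width * page.height).fill(255);
  for (const run of page.runs) {
    for (let i = 0; i < run.text.length && run.box.x + i < page.width; i++) {
      if (run.text[i] !== " ") pixels[run.box.y * page.width + run.box.x + i] = 0;
    }
  }
  return { width: page.width, height: page.height, pixels };
}

// Real redaction: rasterize first, then burn the boxes into the pixels. The returned value has
// no text layer at all, so there is nothing underneath the box to recover.
function flattenRedact(page: PdfPage, boxes: Box[]): RasterPage {
  const raster = rasterize(page);
  for (const b of boxes) {
    for (let y = b.y; y < Math.min(b.y + b.h, raster.height); y++) {
      for (let x = b.x; x < Math.min(b.x + b.w, raster.width); x++) {
        raster.pixels[y * raster.width + x] = 0;
      }
    }
  }
  return raster;
}

// Check a reviewer can run on the upload payload: every pixel inside a redaction box is black,
// so no glyph shape survives inside it.
function regionIsSolidBlack(raster: RasterPage, box: Box): boolean {
  for (let y = box.y; y < Math.min(box.y + box.h, raster.height); y++) {
    for (let x = box.x; x < Math.min(box.x + box.w, raster.width); x++) {
      if (raster.pixels[y * raster.width + x] !== 0) return false;
    }
  }
  return true;
}

// Constructed comparison of the two approaches on the sample page.
function compareRedactions() {
  const tfnBox: Box = { x: 5, y: 2, w: 11, h: 1 }; // covers "123 456 782"
  const sticker = overlayRedact(samplePage, tfnBox);
  const flat = flattenRedact(samplePage, [tfnBox]);
  return {
    stickerStillLeaks: extractText(sticker).includes("123 456 782"), // true
    flatHasTextLayer: Object.keys(flat).includes("runs"),            // false
    flatRegionSolid: regionIsSolidBlack(flat, tfnBox),               // true
  };
}
```

The point of `regionIsSolidBlack` is that it is a check on the bytes that would actually be uploaded, not on the viewer's intentions: if any grey level other than black survives inside a box, the redaction was an overlay rather than a burn-in.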

3. How document parsing works (and what it does not do)

AutoCalc never uses AI to do calculations. Every borrowing-capacity number you see — max loan, UMI, assessment rate, shading — is produced by deterministic TypeScript code that mirrors each lender's own serviceability spreadsheet, line for line. There is no language model anywhere in the calculation path. The only thing AutoCalc uses a model for is reading a payslip PDF and turning it into structured fields (employer name, gross pay, YTD figures, etc.).

The parser runs deterministically. The same payslip produces the same extracted output on every run. It is not generating numbers or making predictions — it is performing OCR-plus-layout and labelling the rows it finds.

You always review before anything is used. After a payslip is parsed, the broker sees every extracted figure (per-period base, overtime, bonus, allowances, YTD, super) inside the income summary card and can edit, override or reclassify any of them before the calculator runs. Nothing flows into the bank calculations until the broker accepts the parsed values.

Why this matters. A common worry about AI is hallucination — the model inventing a number. AutoCalc structurally rules that out in two ways: (1) we never let the model do arithmetic; it only labels what is already on the page, and (2) the serviceability calculation is run by Excel-equivalent TypeScript code that has thousands of automated tests cross-checking it against each lender's own spreadsheet. If the broker corrects an extracted figure, the calculator simply uses the corrected value.
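An added example of the two properties described above, deterministic parsing and broker review before calculation. This is not AutoCalc's code: the field names, the key/value "payslip" text format, the SHA-256 cache, the 26-period annualisation and the 80% overtime shading are all constructed placeholders and not any lender's rule. The parse is a pure function of the file bytes and is cached by content hash so a re-upload skips it; the calculator's signature admits only values a named broker has accepted, with a runtime check as a second line for callers that bypass the type system.

```typescript
import { createHash } from "node:crypto";

// Assumed field set; AutoCalc's real schema is not on the page.
type Extracted = { employer: string; grossPerPeriod: number; overtime: number; allowances: number };

// Parsed values are 'pending' until a named broker accepts them. The calculator below only
// admits AcceptedIncome, so unreviewed figures cannot reach it by construction.
type PendingIncome = { status: "pending"; fileSha256: string; fields: Extracted };
type AcceptedIncome = { status: "accepted"; fileSha256: string; fields: Extracted; acceptedBy: string };

// Stand-in for the document parser: a pure function of the file bytes. The "payslip" here is a
// constructed key/value text file, which makes the parse trivially deterministic.
function parseBytes(bytes: Uint8Array): Extracted {
  const kv = new Map<string, string>();
  for (const line of new TextDecoder().decode(bytes).split("\n")) {
    const idx = line.indexOf(":");
    if (idx > 0) kv.set(line.slice(0, idx).trim().toLowerCase(), line.slice(idx + 1).trim());
  }
  const num = (k: string) => Number(kv.get(k) ?? "0");
  return { employer: kv.get("employer") ?? "", grossPerPeriod: num("gross"), overtime: num("overtime"), allowances: num("allowances") };
}

// Content-addressed cache: identical bytes give an identical hash, so re-uploading skips the parse.
const parseCache = new Map<string, Extracted>();
let parseCalls = 0; // counter so the caching behaviour is observable

function parsePayslip(bytes: Uint8Array): PendingIncome {
  const fileSha256 = createHash("sha256").update(bytes).digest("hex");
  let fields = parseCache.get(fileSha256);
  if (!fields) {
    parseCalls++;
    fields = parseBytes(bytes);
    parseCache.set(fileSha256, fields);
  }
  return { status: "pending", fileSha256, fields };
}

// Broker review: any field may be overridden, then the result is accepted. This is the only
// way to produce an AcceptedIncome.
function brokerAccept(p: PendingIncome, broker: string, overrides: Partial<Extracted> = {}): AcceptedIncome {
  return { status: "accepted", fileSha256: p.fileSha256, fields: { ...p.fields, ...overrides }, acceptedBy: broker };
}

// Constructed serviceability rule (placeholder, not any lender's policy): fortnightly pay annualised
// over 26 periods, overtime shaded to 80%. The status check guards callers that bypass the types.
function annualAssessableIncome(income: AcceptedIncome): number {
  if (income.status !== "accepted") throw new Error("refusing to calculate on unreviewed figures");
  const f = income.fields;
  return (f.grossPerPeriod + f.allowances) * 26 + f.overtime * 26 * 0.8;
}

// Constructed sample payslip bytes.
const samplePayslip = new TextEncoder().encode("Employer: Acme Pty Ltd\nGross: 2500\nOvertime: 200\nAllowances: 50\n");
```

The hash is also what a metadata-only audit log can carry: it identifies which file was parsed without recording anything the file said.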

Where the document is processed:

Parsing runs on Amazon Bedrock inside AWS's Sydney region. The commitments we rely on from AWS:

  • We never use customer data to train our AI. Payslips and any other content you submit are not used to train, retrain, or improve any foundation model — not by AutoCalc, and not by AWS or the underlying model providers.
  • Customer data is used once and then discarded. Your payslip is sent to Bedrock for a single inference call. AWS does not retain the input or the output after the request completes — nothing is logged, cached, or stored by the provider.
  • Inputs stay within the AWS Sydney region for the duration of the request.

These commitments come directly from AWS's published terms for Bedrock. See AWS Bedrock Security & Compliance for the source.

AutoCalc routes every payslip parse through Sydney. The extracted structured data we receive back is the only thing that touches our systems.

4. What is SOC 2?

SOC 2 (System and Organization Controls 2) is an independent audit standard, set by the AICPA, that examines how a software company handles customer data across five trust criteria: security, availability, processing integrity, confidentiality, and privacy.

A SOC 2 audit is conducted by an external accounting firm. They review how our controls actually operate — from how we provision accounts and rotate keys to how we respond to incidents — and publish a report companies can request before they trust us with their data.

Type I reports the design of those controls at a point in time. Type II reports how they have operated across a window (typically 6–12 months).

5. Our SOC 2 status

AutoCalc is currently working towards SOC 2 Type I. The audit is in progress and the report is expected in the near future. We are publishing this page now, rather than waiting for the report, so you can see exactly what controls we operate today.

We do not claim to be “SOC 2 certified” or “SOC 2 compliant”. The AICPA does not certify; companies receive a report after a successful audit. We will update this page with the firm name and report date once those are confirmed, and link the report itself when issued.

6. Controls we operate today

  • Encryption in transit — all traffic to and from AutoCalc is over HTTPS/TLS 1.2+.
  • Encryption at rest — all stored data is encrypted server-side (AES-256).
  • Australian data residency — all infrastructure lives in our cloud provider's Sydney region. No data leaves Australia.
  • No-training commitment — customer data is never used to train AI models. Each payslip is sent to Amazon Bedrock once and discarded after the response returns (see section 3).
  • Deterministic parsing, no AI in calculations — payslip extraction is deterministic (same input → same output) and is reviewable by the broker. Borrowing-capacity figures are produced by deterministic lender-specific code, not by a language model (see section 3).
  • Authentication — sign-in is delegated to our identity provider with Google OAuth. Passwords are never stored by AutoCalc.
  • Session lifetime — session tokens expire after 4 hours. Deactivated accounts lose access on the next request.
  • Least-privilege access — production data is accessible only to a small number of named team members through scoped access controls. Admin and staff role grants happen only via our cloud provider's admin console — there is no way for the application itself to elevate a user's privileges.
  • Audit logs — operational logs are retained for 90 days. Logs contain metadata (file hashes, request IDs, outcomes) but do not contain extracted payslip content.

7. Data retention

What                                | How long we keep it
Raw payslip files                   | Never retained. No exceptions.
Parsed extraction (structured JSON) | Cached for 90 days so re-uploading the same file skips a re-parse. Retained inside saved cases until you delete the case.
Saved cases                         | Until you delete them.
Drafts                              | 30 days, then automatically removed.
Payment records                     | Stored by Stripe. Australian tax retention applies (typically 7 years).
Operational logs                    | 90 days. Metadata only — no extracted payslip content.

8. Sub-processors

AutoCalc relies on the following third-party services. Each is bound by its provider's data-handling terms.

Provider            | Purpose                                                             | Region
Amazon Web Services | Application hosting, storage, authentication, and document parsing. | Sydney
Stripe              | Subscription billing.                                               | Global (Stripe-managed)
Google              | OAuth sign-in only (no analytics, no advertising).                  | Global (Google-managed)

9. Access controls

Only a small number of named AutoCalc team members have production access. Admin and staff role grants are made via our cloud provider's admin console — there is no path inside the AutoCalc application that lets a user grant themselves elevated access.

Brokers can only see the cases they themselves have created. Admins can list customer accounts for support and tier management but do not have a path that exposes raw payslip files (because none are stored).

10. Incident response

If we detect or are notified of a security incident, we will investigate, contain, and (where required by the Privacy Act 1988 or applicable law) notify affected users.

Report a security concern to: support@autocalc.com.au. We aim to acknowledge within one business day.

11. Data Processing Agreement

Brokers and broker firms can request a Data Processing Agreement covering AutoCalc's role as a processor under the Australian Privacy Principles. Email support@autocalc.com.au and we will send the current template.