A server architecture engineered for your financial data
Timint runs on a V2 architecture where your counter, projections and recommendations are computed server-side, in a dedicated European infrastructure — never on your phone. Your data stays isolated, encrypted, and always under your control.
End-to-end encryption
All your data is encrypted in transit (TLS 1.3) and at rest (AES-256).
- TLS 1.3 protocol for all communications
- AES-256 encryption for stored data
- Encryption keys rotated regularly
Enhanced authentication
Protect your account with multiple layers of security.
- Two-factor authentication (2FA)
- Biometric login (Face ID / fingerprint)
- Automatic app lock
Secure cloud infrastructure
Our servers are hosted on certified and redundant infrastructure.
- Google Cloud Platform hosting (Europe)
- ISO 27001 certified data centers
- Automatic geo-replicated backups
Financial data protection
Your financial data benefits from enhanced protection.
- Financial data isolated and encrypted separately
- No direct access to your bank accounts
- Payment information tokenization via Stripe
Access control
You maintain full control over your data and account.
- Trusted device management
- Login activity log
- Remote logout from all devices
Security testing
Our application is regularly audited and tested.
- Regular security audits
- Penetration testing by independent experts
- Responsible disclosure program
Server-first architecture (V2)
The computation of your counter, your snapshots and your recommendations runs server-side, never on your phone.
- Business logic hosted in Firebase Cloud Functions (europe-west1)
- 14 dedicated snapshot collections, isolated per user
- Your phone only receives display-ready data, never the sensitive computation
Confidential-by-design AI Coach
Our AI Coach advisors run server-side; your personal context never leaves our infrastructure in clear text toward an external LLM provider.
- Financial context anonymised before any LLM call
- Zero-retention configuration enabled at OpenAI and Anthropic
- AI logic not reverse-engineerable from the mobile bundle
Real-time resilience & time zones
The counter respects your time zone and survives connectivity interruptions.
- TZ-aware midnight rollover (your local rhythm, never forced UTC)
- Encrypted offline cache (80 MB) for continuity without connection
- Server recompute triggered on every mutation (latency < 3 s)
Secrets management & rotation
Integration tokens (Shopify, Stripe, AI) are stored in Google Cloud Secret Manager — never bundled into the app.
- No secret in the mobile bundle distributed on the stores
- Documented rotation for API keys and sensitive credentials
- Strict isolation between test and production environments
Auditing & native TTL
All sensitive actions are logged with a clear retention policy.
- Firestore audit log with native 90-day TTL (automatic purge)
- Per-user scoped cache wiped at sign-out
- Multi-environment traceability for GDPR compliance
Certifications & compliance
GDPR
Compliant with the General Data Protection Regulation
PCI DSS
Payment data security standard (via Stripe)
SOC 2
Security and availability controls (infrastructure)
ISO 27001
Information security management system