troveiq
Property investor vault

Your data is private, encrypted,
and stored in Australia.

troveiq is built on enterprise-grade infrastructure. Here's exactly how your documents and financial data are handled — stated plainly, with nothing we can't stand behind.

Your documents and data are stored in Australia

troveiq's database and your document files are hosted on Amazon Web Services in Sydney (ap-southeast-2) — your files and records reside on Australian soil. To run the service, some processing is handled by trusted providers, a few of them overseas — email delivery, payments, and the AI that reads your documents. We name these in our Privacy Policy, vet each one, and never sell your data.

Hosted on
AWS — Sydney
ap-southeast-2 region

Authentication & access

  • Passwordless sign-in — single-use magic links sent to your registered email, expiring in 15 minutes. No password to leak, reuse, phish or forget.
  • Sessions expire after a period of inactivity and require a fresh sign-in.
  • Your documents are never served straight from the database. Loan and rental statements and uploaded files are reachable only through the application, after we've checked who you are — a browser can't read them directly.

Encryption

  • In transit: modern TLS encryption on every connection — the same class of protection as your internet banking.
  • At rest: AES-256 encryption on stored files and database records.
  • Document files are kept in private storage buckets — not publicly accessible and served only via short-lived, signed links.
  • Privileged service keys stay server-side and are never shipped in the browser.

Access controls

  • Only you can open your vault. Your documents, statements and the figures read from them aren't visible to anyone else — not other troveiq users, and not any broker or agency you might be connected to.
  • If you were invited by a broker or agency, even they can't see inside — only your activity and key dates (that a document arrived, a date is coming up), never the contents.
  • Where clients come through a broker or agency, those organisations are kept separate from one another and only ever see their own clients.
  • Administrative access is restricted and recorded in an audit trail.

Your control & privacy

  • You can ask us to delete your account and data at any time, and we'll remove it from active systems.
  • You can opt out of rate-monitoring contact while keeping your vault active.
  • We never sell your data, and only share it with the providers needed to run the service — all named in our Privacy Policy.
  • We handle your personal information in line with the Australian Privacy Principles (Privacy Act 1988).
  • Privacy Policy: troveiq.com.au/privacy
AES-256
Encryption on stored documents and data
Passwordless
Magic-link sign-in — nothing to leak or phish
AWS Sydney
Your data stored in Australia (ap-southeast-2)
Aligned with the Australian Privacy Principles AWS — Sydney data centre TLS in transit + AES-256 at rest Built on Supabase — SOC 2 Type II infrastructure
← Back to troveiq