Your Data, Protected
We built SpreadAPI with a simple principle: collect only what's essential, protect everything we touch, and give you full control over your data.
Less Data, More Security
The best way to protect data is to not collect it in the first place. Here's what makes SpreadAPI different.
Email Only
We store just your email address. No names, phone numbers, addresses, or tracking data.
15-Minute Cache
Calculation results are cached briefly for performance, then automatically deleted. We don't keep your query data.
Formulas Stay Private
Your Excel formulas are never exposed. The API returns results only—your business logic remains yours.
Built on Trusted Foundations
We chose infrastructure providers with rigorous security certifications so you benefit from their enterprise-grade security controls.
Vercel
Application hosting with global edge network. Enterprise hosting available for customers with stricter requirements.
Redis Cloud
Database for metadata and caching.
Hanko
Passwordless authentication.
Phishing-Proof Login
We use passkeys instead of passwords. Your credentials are stored on your device, not our servers—making phishing attacks impossible.
- No passwords to steal or guess
- Passkeys only work on legitimate domains
- Cryptographically secure, device-bound
Protected Everywhere
Your data is encrypted in transit and at rest. API tokens are hashed—we never store the actual values.
- TLS 1.3 for all connections
- AES-256 encryption at rest
- SHA-256 hashed API tokens
Meeting Your Requirements
GDPR
Full GDPR compliance with data minimization, right to erasure, and data portability. DPA available upon request.
Healthcare & Regulated Industries
Need HIPAA? We offer Enterprise hosting on HIPAA-ready infrastructure, or On-Premises deployment in your own compliant environment.
Certified Providers
All our infrastructure providers (Vercel, Redis Cloud) maintain SOC 2 Type 2 and ISO 27001 certifications with annual third-party audits.
Need Complete Data Sovereignty?
Deploy SpreadAPI Runtime in your own infrastructure. Zero external connections, air-gap compatible for runtime execution, no vendor access to your data.
Questions About Security?
We're happy to discuss your specific requirements, provide compliance documentation, or arrange a security review.