SuiteReport Data Privacy & Security Policy

Our Commitment to Data Privacy

At SuiteReport, privacy and security are built into the product from day one. As an Excel-based financial reporting add-in, SuiteReport is designed to work inside your local environment—giving you full control over your data while eliminating unnecessary risk exposure.

We do not store, process, or transmit your data on our servers. All data stays within your Excel workbook and under your organisation’s governance. This policy outlines how SuiteReport handles security, access, encryption, AI, and compliance.

How SuiteReport Works

SuiteReport connects Excel to your authorized data sources, NetSuite and live banking feeds, using secure integrations. It does not operate as a cloud platform or data processor. Everything you do with SuiteReport happens inside your Excel session.

Key principles behind our design:

  • Local execution only. SuiteReport runs within Excel and does not require a separate login or backend system.
  • No background syncs. We don’t run background jobs or transfer your data elsewhere.
  • No hidden access. All data retrievals are user-initiated and role-limited.

NetSuite Integration

SuiteReport integrates with NetSuite through the official NetSuite ODBC connector, a secure connection layer developed and managed by NetSuite. This connector allows you to query and retrieve live ERP data from within Excel.

What we ensure:

  • We do not collect or store your NetSuite credentials, API keys, or session tokens.
  • We follow your existing role-based access control settings inside NetSuite. If your NetSuite role limits access, SuiteReport respects that restriction.
  • Data is retrieved only when you initiate a query and remains visible within Excel.
  • No NetSuite data is stored, cached, or sent to any SuiteReport infrastructure.

This design ensures that your ERP data remains within your systems, with no exposure to third-party platforms.

Banking Integration via Salt Edge and Plaid

SuiteReport lets you connect live banking data (such as balances and transactions) into Excel using Salt Edge and Plaid, two of the most trusted global aggregators for financial data.

We do not handle or access any of your bank credentials or account tokens.

Details you should know:

  • Connections are initiated and authorized by you through Salt Edge or Plaid’s secure flow.
  • SuiteReport never requests, stores, or routes banking credentials or tokens.
  • Data is shown directly in Excel and is not transferred or stored elsewhere.
  • There is no replication, caching, or backup of your banking data inside SuiteReport.

Security Certifications

  • Salt Edge is ISO/IEC 27001:2022 certified and SOC 2 Type II audited.
  • Plaid is ISO/IEC 27001 and 27701 certified, and also SOC 2 Type II compliant.

These providers meet financial-grade security standards and are trusted by leading banks and fintechs globally.

Data Encryption Standards

We rely on modern encryption standards for all data connections between Excel and external systems.

  • NetSuite supports TLS 1.2 and TLS 1.3 for encrypted data access through its ODBC connector.
  • Salt Edge enforces TLS 1.2 and 1.3 for all API communications.
  • Plaid serves its APIs over HTTPS TLS 1.2+ only. Lower protocol versions are not supported.

SuiteReport does not alter or weaken these encryption protocols. We do not intercept, proxy, or inspect any data traffic. All encryption is maintained end to end between your Excel client and the source system.

AI Features and Data Privacy

SuiteReport includes AI-powered functionality to help you analyze data, create formulas, and summarise results using plain language commands. These features operate locally within Excel and do not interact with external AI services.

Here’s how AI works inside SuiteReport:

  • No user data is sent to cloud-based AI models or external servers.
  • AI tools analyze only what is visible in your Excel workbook at the time you run a command.
  • AI actions must be triggered by you manually.
  • We do not collect or store your inputs or workbook content.

To improve the AI’s understanding of financial terms, SuiteReport maintains a predefined field mapping dictionary (e.g., “Revenue” → “NS_Rev_Gross”). This reference list is static and does not contain any transactional or user-specific data.

Microsoft Office Store Certification

SuiteReport is an officially listed and approved add-in on the Microsoft Office 365 Store. This certification means:

  • Microsoft has validated our add-in for security, sandboxing, and data access permissions.
  • All updates go through Microsoft’s Partner Center review process before release.
  • The add-in can only be installed via Microsoft’s secure store—not sideloaded or altered.

We follow Microsoft’s developer policies for Office integration, including compliance with their standards for privacy, performance, and platform integrity.

Data Protection Approach

Our data protection practices are rooted in simplicity and control:

  • No SuiteReport servers store customer data.
  • No telemetry, no analytics, no hidden tracking.
  • You control every data connection, access configuration, and workbook.

This architecture reduces the risk of exposure and is designed for compliance-sensitive environments such as finance, consulting, and internal audit.

Compliance & Governance Alignment

SuiteReport is aligned with international best practices, including:

  • GDPR Compliance: SuiteReport is designed in full alignment with the principles of the General Data Protection Regulation (GDPR). Because SuiteReport does not store or process personal data on its own infrastructure, the requirements typically associated with data processors do not apply. However, we still adhere to GDPR principles such as data minimisation, security by design, and user control.
  • Data residency protection: No SuiteReport feature transmits data off your system.
  • Access governance: We follow the access rules you’ve already set in NetSuite and bank feeds.

Need More Info?

We’re here to support your team.

Contact:

info@suitereport.ai

suitereport.ai