Security & Privacy
SweepGenie is designed to minimize risk: we avoid storing sensitive documents and only retain what’s needed to run the tool.
What we store
- Session ID and plan access level (Starter/Master)
- Minimal usage events (for rate limits & abuse prevention)
- Code redemption metadata (bypass/discount expirations)
What we do NOT store
- Uploaded credit reports / PDFs / screenshots (not stored server-side)
- Full raw report contents (only extracted/minimized fields if needed)
- Passwords, banking logins, or payment credentials
Security features
- HTTP-only secure session cookies
- Security headers (anti-clickjacking, no sniff, referrer policy)
- No-store caching on sensitive routes
- Daily capacity limits for soft launch protection
- One-time bypass codes that expire after redemption