Mortacc is built for professional firms handling sensitive corporate, tax, and governance information. Security is not an afterthought — it is foundational.
All data encrypted at rest (AES-256) and in transit (TLS 1.3). Database encryption, encrypted backups, and secure key management protect client information at every stage.
Firm-to-firm data isolation. Each firm's data resides in its own logical partition. No cross-firm data access — ever. Built for the confidentiality obligations of professional practice.
Multi-factor authentication (TOTP), brute-force protection via Axes, session timeouts, and role-based access controls. Granular permissions per staff member — partners see everything, juniors see assigned work.
Files stored with AES-256 encryption. Encrypted at rest in the database. Encrypted in transit to and from clients. Document-level access controls restrict who can view each file.
Automated daily backups with point-in-time recovery. Encrypted backups stored in Canadian data centers. Regular backup restoration testing ensures recoverability.
PIPEDA-compliant data handling. No client data sold, shared, or used for training. Privacy by design — data minimization, purpose limitation, and retention policies built in.
Data hosted in Canada (Toronto). Built for Canadian professional standards and regulations. All data stays within Canadian borders — important for law society and CPA requirements.
All Mortacc data is hosted in Canadian data centers (Toronto, Ontario). No data leaves Canadian borders. This matters for law society compliance, CPA professional standards, and client confidentiality obligations under Canadian law.
No credit card required. 14-day trial. Your data is protected from day one.
Start Free Trial Ask a Security Question