How FDF Wizard protects your clients' financial information. For attorneys, mediators, and paralegals.
Every login is protected by 2FA as an additional layer of account security.
Sensitive data is encrypted in the database. All connections use HTTPS with TLS encryption.
Domain-level security with DDoS protection and SSL management.
POPIA (the Protection of Personal Information Act, Act 4 of 2013) is South Africa's data protection law. It governs how personal information is collected, stored, used, and shared.
FDF Wizard processes personal information as part of preparing Financial Disclosure Forms. Security measures including two-factor authentication, database encryption of sensitive fields (names, identity numbers), secure document storage, and environment separation form part of FDF Wizard's POPIA-aligned security approach.
The platform infrastructure is hosted by ART Technologies in South Africa, acting as an operator under POPIA. A formal services agreement governs data processing, confidentiality, and breach notification between FDF Wizard and ART Technologies.
The application and database are hosted in South Africa by ART Technologies. Cloudflare is used for domain-level security, which may route traffic through international infrastructure as part of normal security operations. The Privacy Policy will be updated if any material change to cross-border data flows occurs.
Your account information, matter data, uploaded documents, and usage records are stored on secure server infrastructure hosted by ART Technologies in South Africa. Your work is saved when you log out or close your browser. You can log back in, continue where you left off, review documents, and generate outputs.
Sensitive personal information such as names and identity numbers is encrypted in the database.
Uploaded files are stored securely and remain linked to your matter. They are available when you log back in. This includes bank statements, valuations, payslips, and any other supporting documents you attach.
No. Each user account has access only to their own matters and documents. Where a firm has multiple users, access controls keep each user's data separate. Firm-level administrators may have visibility over matters within their firm, but cannot access matters belonging to other firms or practitioners.
Yes. All user logins are protected by two-factor authentication (2FA). You verify your identity with a second step when logging in. This significantly reduces the risk of unauthorised access, even if your password is compromised.
Yes. Sensitive information stored in the database, such as names, identity numbers, and similar identifying information, is encrypted. All connections between your browser and the server use HTTPS with TLS encryption, the same standard used by banks.
Cloudflare is a domain-level security service. It sits between users and the FDF Wizard servers, filtering malicious traffic before it reaches the application. It provides DDoS protection (defence against cyberattacks that try to take websites offline) and assists with SSL certificate management.
FDF Wizard is hosted by ART Technologies, a South African hosting and development company. ART Technologies manages the server infrastructure, database, backups, security, and technical support. Development and production environments are separated so that changes are tested before being applied to the live platform.
Access to user data is limited to two parties:
1. FDF Wizard product owner and authorised personnel — for product management, user support, and issue resolution.
2. ART Technologies (hosting provider) — for server administration, database management, security maintenance, backups, and technical support.
ART Technologies personnel operate under a formal services agreement that includes confidentiality and non-disclosure obligations. No other party has access to your data. FDF Wizard does not sell, share, or provide user data to any third party for marketing or any purpose unrelated to operating the platform.
FDF Wizard is building internal bank statement parsing to handle conversion within the platform. Where the platform currently uses a third-party service for PDF-to-CSV conversion, the relevant document may be transmitted to that service for processing. FDF Wizard assesses the privacy, security, and POPIA position of any such service before integration. This answer will be updated as the internal conversion capability is finalised.
No. User data is not sent to external AI tools or services. If AI processing is introduced in future, it will be handled internally, and the Privacy Policy and this FAQ will be updated accordingly.
FDF Wizard provides a secure platform. As a practitioner (whether attorney or mediator), you are responsible for:
Keeping your login credentials secure. Do not share your password. Use a strong, unique password.
Completing the 2FA step. Two-factor authentication only works if you use it.
Securing your own device. Use full-disk encryption (FileVault on Mac, BitLocker on Windows), lock your computer when you leave your desk, and use a strong login password.
Managing exported files. If you export data from FDF Wizard, treat the export file as confidential. Store it securely and delete it when no longer needed.
FDF Wizard collects account information (name, email, login credentials), matter data, uploaded documents, usage and token records, and technical information such as login activity and system logs required to operate and secure the platform. No data is shared with advertising networks. No tracking pixels or analytics cookies are used. See the Privacy Policy for full details.