Security
Last updated: June 30, 2026
Security is core to Fillbook. Below is how Hogan Investment Group LLC protects your account and your trading data. This page describes our practices and is not a warranty; see our Terms.
Read-only brokerage access
When you connect a broker or aggregator, Fillbook requests read-only access — enough to import your trade history, and nothing more. Fillbook cannot place, modify, or cancel orders and never trades on your behalf.
Authentication
Sign-in is handled by a dedicated identity provider with support for strong, passwordless options (passkeys/WebAuthn). Fillbook does not see or store your password.
Per-user data isolation
Each account’s journal is stored in its own isolated database. Your trades, notes, and analytics are scoped to you and are not visible to other users.
Encryption in transit
All traffic to Fillbook is served over HTTPS/TLS. The application is reached through an authenticating proxy, so unauthenticated requests cannot reach your data.
Credentials and secrets
Brokerage tokens are stored server-side with restricted file permissions and are never exposed to the browser. We rotate and revoke tokens as needed.
Payments
Subscription payments are processed by a PCI-compliant third-party payment processor. Fillbook does not store full payment-card numbers.
Data deletion
You can request deletion of your account and associated data at any time. See our Privacy Policy.
Reporting a vulnerability
Found a security issue? Please report it responsibly to [email protected] and allow us reasonable time to remediate before public disclosure.