Amperage

Security

Your electricity data is commercially sensitive. Here is exactly how we protect it.

Infrastructure

  • Application hosted on Google Cloud Run in australia-southeast1 (Sydney). All project data stays in Australia.
  • HTTPS enforced on every connection — no unencrypted data in transit.
  • Containers are stateless and isolated. Each request runs in a fresh context.
  • No customer data is written to application logs.

Data storage

  • PostgreSQL database hosted in Sydney with encryption at rest (AES-256).
  • Uploaded bills and consumption files are stored as encrypted database records, not on a shared filesystem.
  • Database connections use SSL and are restricted to the application service account.
  • Backups are encrypted and retained for 7 days.

Authentication

  • Powered by Firebase Authentication. Supports email/password with mandatory email verification.
  • Session tokens are validated server-side on every API request.
  • Password requirements: minimum 10 characters, mixed case, number, and symbol.
  • Rate limiting on login and signup endpoints to prevent brute-force attacks.

Access control

  • Role-based permissions: users only see projects belonging to their company.
  • Admin and global admin roles are separately authenticated and audited.
  • Company invitations are controlled by company administrators with email verification.
  • Feature-gated access: AI bill extraction requires Pro tier, enforced server-side.

AI bill processing

  • Bill images are sent to Anthropic Claude over encrypted HTTPS connections for tariff extraction.
  • Anthropic does not use API inputs for model training and does not retain bill images after processing.
  • Extracted data is validated through a multi-stage normalisation pipeline before being stored.
  • Identifying information (business name, address, NMI, account numbers) is stripped before any anonymised data is used for estimate improvements.

Responsible disclosure

Found a vulnerability? Email security@amperage.app with details and reproduction steps. We acknowledge reports within 2 business days and aim to resolve confirmed issues within 14 days. Please do not publicly disclose until we have had a chance to respond.