KSeF Kit
Start for free

Data & security

KSeF Kit touches two sensitive things: your invoices and your KSeF access. This page says plainly what we store, how we protect it, and why you can test with zero risk.

What we store

  • Stripe invoices and credit notes — we store the finalized invoice payload as an immutable source document. We never mutate it after acceptance; each send attempt is its own record.
  • Company profile — the NIP, name, and address from onboarding. These become the seller details on the FA(3) invoice.
  • KSeF connection — your KSeF token or XAdES material (certificate + private key), the chosen environment (TEST/PROD), and the connection status.
  • UPO — the signed official receipt for every accepted invoice, plus the KSeF number issued.

We do not store card details. Subscriptions run through Stripe Billing — payments never pass through us.

How we protect tokens

Your KSeF token and XAdES material are encrypted at rest (Active Record Encryption). In the cloud edition the token also lives in Stripe's Secret Store, and the database row only tracks status, method, and environment.

The secret fields in connection settings are write-only — the form always renders them blank. Leaving a field blank will not overwrite the stored secret, so routine edits can't accidentally wipe a working token. When you switch authentication method, we discard the other method's material so an unused secret never lingers encrypted in the row.

TEST is completely safe

The TEST environment is the Ministry of Finance sandbox: no legal effect whatsoever. An invoice filed to TEST does not enter the official record — it's a pure check of your setup.

That's why:

  • The environment choice is the first and deliberate step of connecting, with TEST preselected. Accidental PROD is the one thing we genuinely guard against.
  • Switching to PROD requires an explicit confirmation — these are irreversible legal effects.
  • The app shows loud amber signaling whenever you're on TEST, so you never confuse environments.

Test as much as you like. Your first real invoice is only filed once you deliberately switch to PROD. Details: Connecting KSeF.

Account isolation

Every account is a separate tenant. One account's invoices, corrections, connections, and UPOs are tightly isolated from every other — there's no way to see another account's data.

Want full control?

In the self-hosted edition you keep everything yourself: the app, the database, and the keys. See Self-hosting.