Client documents deserve boring, careful handling.
Reddi holds the evidence your firm is professionally responsible for. These are the principles it's built on — written plainly, with the full detail in our legal documents below.
Upload links are scoped, not shared
Clients upload through no-login upload links tied to one request. No accounts to create means no client passwords to leak, reuse or forget.
File access goes through the app
Reddi uses app-mediated file access through signed URLs, written to audit logs, so there's a record of every reminder, upload, replacement request and staff touch.
Every check is tenant-scoped
Access is tenant-scoped and firm-scoped end to end — one firm's clients, documents and audit trail are never visible to another.
AI assists; it never acts alone
Human review boundaries are enforced: checks use cautious language — appears, possible, unable to verify — and route to a person. Nothing is approved, rejected or filed without staff sign-off.
The firm controls the records
Retention, deletion and legal-hold workflows are configured against your firm's own regulatory obligations — Reddi doesn't decide what you keep.
Subprocessors listed, in public
Every infrastructure and service provider Reddi relies on is listed on the subprocessors page — the list your IT reviewer will ask for first.
Bring your IT reviewer. We like the hard questions.
We describe our posture honestly: Reddi does not claim SOC2 certification, and an independent security review is not claimed. What's written here is what we actually do — bring your IT reviewer and we'll answer the hard questions.
No advice given. Reddi collects; your firm advises.
AI assistance never provides accounting, tax, VAT, legal or compliance advice. Professional judgement stays with your people.