Skip to content
AcumenInvoice

Security & Deployment

Your invoices stay where your invoices belong: on your server.

AcumenInvoice is designed around a single principle: financial documents are too sensitive to hand to a third-party cloud unless there is no alternative. There is an alternative — and this is it.

On-premise deployment architecture

Data sovereignty

Every invoice, vendor name, line item, tax ID, and approval signature lives in a database you own, on a server you control, in the jurisdiction you choose.

Compliance by design

Data residency requirements (PIPEDA, provincial privacy laws, internal IT policies) are satisfied because the data never moves. No DPA negotiations, no sub-processor lists.

No vendor lock-in

You own the database, the documents, and the deployment. If you ever stop using AcumenInvoice, your data stays with you, in a standard PostgreSQL instance.

No per-invoice fees

Cloud SaaS pricing scales with your volume. AcumenInvoice is licensed per server. Process 100 invoices a month or 100,000 — same licence.

Operates offline

No external API calls during invoice processing. Suitable for air-gapped sites that pull updates manually on encrypted media.

Auditable code paths

Every validation rule, routing decision, and approval signature is recorded with cryptographic integrity. Auditors can trace any invoice end-to-end.

System Requirements

Modest hardware, straightforward operations

Recommended baseline

Handles 10,000+ invoices/month comfortably

  • CPU4+ cores (x86_64 or ARM64)
  • Memory16 GB RAM
  • Storage200 GB SSD
  • OSUbuntu / Debian / RHEL / Rocky
  • DatabasePostgreSQL 14+
  • ContainerDocker (optional)

Operations & backup

Fits into your existing IT processes

  • ✓ Standard Postgres backups — wherever your other databases back up to
  • ✓ systemd services for clean start/stop and journal-based logging
  • ✓ Health/readiness HTTP endpoints for your monitoring stack
  • ✓ Configuration via environment variables and YAML; secrets read from disk or env
  • ✓ Optional integration with your SSO provider (SAML / OIDC)
  • ✓ Updates pulled from our signed update channel — never accept invoice content

Want our security & architecture brief?

Send us your IT team's questionnaire — we'll fill it in and ship back the technical detail your security review needs.

Schedule Demo Download Brochure