Stop emailing
Start requesting them safely.
Magic-link document collection for insolvency trustees and credit counsellors. Clients upload pay stubs, tax slips, statements and asset documents through one secure link - virus-scanned, encrypted, and audit-logged. No account, no email pile-up.
14-day free trial · No charge until day 15 · Cancel anytime
Built for licensed insolvency trustees · credit counsellors · debt advisors
I'm a…
“A single file is dozens of statements, pay stubs and tax slips - all arriving by email, one attachment at a time.”
- One link collects the entire financial-disclosure package as a tidy checklist the client works through.
- Every file virus-scanned, encrypted at rest, and audit-logged as your evidence of what was collected and when.
- Reusable disclosure template so each new file starts the same intake instantly.
- Return signed documents to the client through the same secure link.
Three steps. No software for your client.
Create a request
List the files you need. Pick from a starter template (mortgage, refinance, tax return, KYC) or build your own checklist.
Your client gets a magic link
One email, one click, no account. They see a tidy checklist on a page branded as your firm, not ours.
Files land in your dashboard
Each one is scanned for viruses, encrypted at rest, and added to the audit log so you know who sent what when.
Email wasn't built for client documents.
You already know the alternatives have problems. Here's how this stacks up against what you're probably doing today.
| Capability | Dropbox / WeTransfer | ReceiveVault | |
|---|---|---|---|
| Client needs an account | No | Often yes | No |
| Virus-scanned on arrival | No | No | Yes (ClamAV) |
| Audit log of who-sent-what-when | No | Limited | Every action |
| Branded as your firm | No | No | Yes |
| Files encrypted at rest | Provider-dependent | Yes | Yes |
| Optional end-to-end encryption | No | No | Yes (Business+) |
| Send files securely outbound | Attachment-only | Yes (separate flow) | Yes (same portal) |
| Canadian-hosted | Usually no | No | Yes, in Canada - outside US CLOUD Act jurisdiction |
The boring parts, done properly.
Virus scanning
Every upload goes through ClamAV before it lands in your dashboard. Infected files are quarantined and you get an alert.
Encryption at rest
Files live in S3-compatible object storage with server-side encryption. Optional client-side end-to-end encryption on Business+.
Full audit log
Every action gets a timestamped record with the actor: request created, link sent, file uploaded, file downloaded. Exportable.
No-account uploads
Your contact clicks a magic link and uploads. No password, no sign-up, no support email asking how to use Dropbox.
Canadian-hosted
Servers in Canada, TLS everywhere, secrets managed in environment variables, and no third-party trackers on customer-facing pages.
MFA on every account
TOTP, hardware passkeys (YubiKey / iCloud / Windows Hello), and recovery codes. Sudo gate on destructive actions.
Common questions
Is this suitable for regulated financial files?+
Documents are uploaded through a single-use link, virus-scanned, encrypted at rest, and audit-logged - the audit trail doubles as your evidence-of-collection record. The technical controls support your obligations, though compliance ultimately remains your responsibility.
Where are the files stored?+
On a Canadian VPS using S3-compatible object storage with server-side encryption. Files are never copied to third-party clouds, and they sit outside US CLOUD Act jurisdiction.
What happens to files after the request expires?+
Each request has a configurable expiry (default 30 days). After that, the magic link stops working. Files remain in your dashboard until you delete them or your retention policy removes them.
Is this HIPAA / GLBA / CCPA compliant?+
The product is built with privacy-by-design expectations in mind: minimum-necessary collection, audit logging, encryption, expiry. We are not HIPAA-certified and do not sign BAAs at this tier; for HIPAA-adjacent workflows we provide the technical building blocks (encryption, access logs, MFA) but compliance certification is your responsibility. GLBA and CCPA obligations are similarly supported but ultimately yours to attest.
Can I cancel during the trial?+
Yes. The 14-day trial is free and we don’t charge your card until day 15. Cancel any time from the billing page in your dashboard.
Can my clients reply to the magic-link email?+
Yes. Invite emails go out with your email address as the reply-to, so your client can ask a question and it lands in your inbox like a normal reply.
Try it on your next intake.
14 days free, every feature included. Cancel before day 15 and your card is never charged.