Stop emailing
Start requesting them safely.
Magic-link document collection for insolvency trustees and credit counsellors. Clients upload pay stubs, tax slips, statements and asset documents through one secure link - virus-scanned, encrypted, and audit-logged. No account, no email pile-up.
14-day free trial · No charge until day 15 · Cancel anytime
Built for licensed insolvency trustees · credit counsellors · debt advisors
I'm a…
“A single file is dozens of statements, pay stubs and tax slips - all arriving by email, one attachment at a time.”
- One link collects the entire financial-disclosure package as a tidy checklist the client works through.
- Files virus-scanned, encrypted at rest, and audit-logged as your evidence of what was collected and when.
- Reusable disclosure template so each new file starts the same intake instantly.
- Return signed documents to the client through the same secure link.
Three steps. No software for your client.
Create a request
List the files you need. Pick from a starter template (mortgage, refinance, tax return, KYC) or build your own checklist.
Your client gets a magic link
One email, one click, no account. They see a tidy checklist on a page branded as your firm, not ours.
Files land in your dashboard
Each one is scanned for viruses, encrypted at rest, and added to the audit log so you know who sent what when.
Email wasn't built for client documents.
You already know the alternatives have problems. Here's how this stacks up against what you're probably doing today.
| Capability | Dropbox / WeTransfer | ReceiveVault | |
|---|---|---|---|
| Client needs an account | No | Often yes | No |
| Virus-scanned on arrival | No | No | Yes (ClamAV) |
| Audit log of who-sent-what-when | No | Limited | Every action |
| Branded as your firm | No | No | Yes |
| Files encrypted at rest | Provider-dependent | Yes | Yes |
| Optional end-to-end encryption | No | No | Yes (Business+) |
| Send files securely outbound | Attachment-only | Yes (separate flow) | Yes (same portal) |
| Canadian-hosted | Usually no | No | Yes, in Canada - outside US CLOUD Act jurisdiction |
The boring parts, done properly.
Virus scanning
Every upload goes through ClamAV before it lands in your dashboard. Infected files are quarantined and you get an alert.
Encryption at rest
Files live in S3-compatible object storage with server-side encryption. Optional client-side end-to-end encryption on Business+.
Full audit log
Every action gets a timestamped record with the actor: request created, link sent, file uploaded, file downloaded. Exportable.
No-account uploads
Your contact clicks a magic link and uploads. No password, no sign-up, no support email asking how to use Dropbox.
Canadian-hosted
Servers in Canada, TLS everywhere, secrets managed in environment variables, and no third-party trackers on customer-facing pages.
MFA on every account
TOTP, hardware passkeys (YubiKey / iCloud / Windows Hello), and recovery codes. Sudo gate on destructive actions.
Built for the people who send the scary stuff.
Stop chasing files over email
Send one link instead of a back-and-forth email thread. Your contact uploads everything in one place, and you get a clean, timestamped record of what arrived and when.
Addressed to one person, not the world
A request is for a single named recipient - not a public share anyone can open. Turn on one-time-code email verification and a forwarded link will not open for anyone else.
Every contact sends the same set
Build a checklist once and each person returns exactly the files you asked for. No more piecing together a dozen loose attachments per applicant or client.
No account for your contacts
The people you collect from never sign up or set a password. One link, upload, done - which means far fewer “how do I use this” replies landing in your inbox.
A defensible audit trail
Every request, upload, and download is timestamped with the actor. On a regulated file you can show exactly what was collected and when, without reconstructing it from an email thread.
Built for the sensitive stuff
Virus scanning, encryption at rest, configurable expiry, and download limits are there from the start - so the documents your clients are nervous about sending are handled carefully.
Common questions
Is this suitable for regulated financial files?+
Documents are uploaded through a magic link with optional email verification, virus-scanned, encrypted at rest, and audit-logged - the audit trail doubles as your evidence-of-collection record. The technical controls support your obligations, though compliance ultimately remains your responsibility.
Where are the files stored?+
On a Canadian S3-compatible object storage platform with server-side encryption. Files are never copied to third-party clouds, and they sit outside US CLOUD Act jurisdiction.
What happens to files after the request expires?+
Each request has a configurable expiry (default 30 days). After that, the magic link stops working. Files remain in your dashboard until you delete them or your retention policy removes them.
Is this HIPAA / GLBA / CCPA compliant?+
The product is built with privacy-by-design expectations in mind: minimum-necessary collection, audit logging, encryption, expiry. We are not HIPAA-certified and do not sign BAAs at this tier; for HIPAA-adjacent workflows we provide the technical building blocks (encryption, access logs, MFA) but compliance certification is your responsibility. GLBA and CCPA obligations are similarly supported but ultimately yours to attest.
Can I cancel during the trial?+
Yes. The 14-day trial is free and we don’t charge your card until day 15. Cancel any time from the billing page in your dashboard.
Can my clients reply to the magic-link email?+
Yes. Invite emails go out with your email address as the reply-to, so your client can ask a question and it lands in your inbox like a normal reply.
Try it on your next intake.
14 days free, every feature included. Cancel before day 15 and your card is never charged.