Data handling

How files, results and audit evidence move through ReconNimble

Private processing is separated from public content. Source files are validated, staged outside direct browsing and never placed in formula permalink URLs.

Upload validation

ReconNimble checks PHP upload status, file size, extension and server-detected MIME. CSV and TSV rows are streamed. XLSX reading uses ZipArchive and SimpleXML with row and column caps instead of loading a large spreadsheet framework into shared-hosting memory.

Protected staging

Authenticated reconciliation sources are staged inside protected storage with generated workspace names. Source hashes are recorded for audit evidence. The browser does not receive a public path to the original file.

Results and exports

Result JSON and generated CSV, XLSX or PDF exports are stored outside direct public browsing. Downloads use random expiring tokens and respond with no-store and X-Robots-Tag noindex headers.

Scheduled summaries

A scheduled report summarises the latest completed job for a saved profile. It does not fetch new data from QuickBooks, Xero, a bank or another remote system. Live connectors are separate credential-dependent work.

Cleanup and audit

The supplied cron scripts remove expired public-tool exports, old staged uploads and temporary workspaces according to the configured retention window. Deletion events record a non-reversible hash rather than the deleted file contents.

User responsibility

Upload only data you are authorised to process. Minimise personal information, restrict account access and test exports before using them for payment, payroll, HR, tax, inventory or compliance decisions.