Skip to content
Formula Audit XL
Download free

Your models never leave your computer.

No data leaves your machine. For finance teams handling confidential models, that is a design choice, not a privacy footnote.

How the add-in processes data

The Formula Audit XL Excel add-in is a desktop application that runs inside the Excel process on your local machine. When you invoke a feature (exploring precedents, colour-coding a sheet with Cell Map, or running Model Check), the computation happens locally. The results (the precedents tree, Cell Map overlays, the _ModelCheck report sheet) are rendered inside Excel itself.

There is no "cloud analysis" step. Your model content does not travel over the internet to reach a Formula Audit XL server, get processed, and come back. The add-in reads your workbook the same way your own Excel formulas read it: locally, inside the same process.

Local-only processing

All formula analysis, tracing, and model mapping runs on your machine inside the Excel process.

TLS for licensing only

The only outbound request is a licence-validity check over HTTPS. It carries your key, not your model.

Read-only by default

Trace and Map features are fully non-destructive. Highlighting is temporary and reversible.

Free web tools: also local

The free web tools (circular-reference finder, external-link scanner, hardcode detector) are built on SheetJS, a well-established open-source library. When you upload an .xlsx file, it is parsed in your browser tab. The file bytes never leave your machine. No upload, no server-side parsing, no persistent storage.

Finance teams that cannot upload client models to third-party cloud services can use the free web tools without that constraint applying.

Analytics and telemetry

We collect anonymous, aggregate usage events to understand which features are being used and whether the product is working. The events we collect are limited to:

  • Feature invoked (e.g. "Trace started"): no inputs, no model data
  • Install and update events: add-in version, OS type
  • Error codes: generic error identifiers, not stack traces with model data
  • Session start and end: timestamps, add-in version

None of these events include cell values, formula text, sheet names, file names, or any model-derived data. You can disable telemetry in Add-in Settings → Privacy.

Compliance posture

Data minimisation

We collect the minimum data required to operate the service (licence status, anonymous usage events, billing email). We do not sell data to third parties.

Encryption in transit

All communication between the add-in and our licensing API uses TLS 1.2 or higher. Certificate validation is enforced; the add-in will not communicate over an untrusted connection.

Payment security

Payments are processed by Stripe (PCI-DSS Level 1). Formula Audit XL does not store or process credit card numbers. Stripe's security posture is documented at stripe.com/docs/security.

Enterprise deployment

The add-in supports enterprise deployment via Group Policy and MECM/SCCM without requiring internet access at install time. Contact us for a security data sheet or vendor-assessment questionnaire support.

Security FAQ

Does the add-in send my model to a server?

No. Formula Audit XL runs entirely inside the Excel process on your local machine. Formula data, cell values, sheet names, and model structure are read locally and never transmitted to Formula Audit XL servers. The only outbound network request the add-in makes is a periodic licence-validity check, which sends only your licence key, not your model contents.

What about the free web tools?

The free web tools (circular-reference finder, external-link scanner, hardcode detector) run entirely in your browser using client-side JavaScript and the SheetJS library. When you upload an .xlsx file, it is parsed locally in your browser tab. Nothing is sent to our servers. Closing the tab discards the data entirely.

What data does the licence check transmit?

The licence-validation request sends your licence key (an opaque token) and the add-in version number over HTTPS/TLS. It does not include your machine identity, your username, your Excel file paths, or any model data. The request is made at first launch and periodically in the background to confirm your subscription is active.

Do you collect usage telemetry or analytics?

We collect anonymous, aggregated product-usage events (for example, "the Trace feature was used" or "the install wizard was completed"). These events contain no model content, no cell values, no file names, and no personally identifying information beyond a random session identifier. You can opt out in the add-in settings at any time.

Is the add-in compatible with our firm's IT security policy?

Formula Audit XL is distributed as a standard Office add-in (VSTO / COM). It does not require administrative privileges to install for a single user. Enterprise deployment via Group Policy or Microsoft Endpoint Configuration Manager is supported. A full security data sheet is available on request. Contact us to arrange one.

Does the add-in write to or modify my model?

Only features you explicitly invoke cause any model change. For example, the Consistency Colour Scheme temporarily applies cell formatting to reveal issues; it never alters formula contents. All highlighting is reversible with a single click. Trace and Map features are read-only by design.

How is my billing data handled?

Payments are processed by Stripe. Formula Audit XL does not store credit card numbers. Stripe's systems are PCI-DSS Level 1 certified. Your billing email address and subscription status are held in our subscription database. This data is used only for licence management and transactional email (receipts, renewal reminders).

Security questions? Contact us directly.

We respond to vendor-assessment questionnaires and enterprise security reviews.

Contact us Read the privacy policy

For Microsoft Excel on Windows: 2016, 2019, 2021 & 365 · No data leaves your machine