Caerphilly Accounting is committed to being GDPR (General Data Protection Regulation) ready when GDPR compliance comes into effect on 25 May 2018.

As a Practice, we take the security of our clients very seriously. We utilise a number of industry-standard mechanisms at our disposal to achieve this.

All our client information held on our cloud accounting software passes through 256-bit Secure Sockets Layer (SSL) technology. The servers are hosted by “The Bunker”, an ISO27001 certified, geographically isolated, military grade hosting facility.

Your accounting information is held on multiple live databases in case of failure. Snapshot back-ups are taken every minute and transferred from the software provider's servers to the off-site, asymmetrically encrypted servers within seconds of the snapshots being taken.

Naturally, your data is your own. You can export your financial figures and financial reports at any time.

There is further file storage in the cloud of the information we collect from you for our files, using Binding Corporate Rules (BCRs), which are generally considered the gold standard around the world for personal data protection. The information we collect from you is for specified and legitimate purposes, and will not be processed in any further capacity that doesn’t meet these purposes. Our provider for cloud storage received their BCR in August 2016 for both a controller and a processor, and can legally transfer data between the European Union and the United States.

We believe effective data protection is a combination of data security and data privacy. In former years, significance has been placed on data being secure, with data privacy not being subject to a similar level of scrutiny. The regulations surrounding GDPR are broad in nature, with many organisations now questioning their compliance strategy. Here at Caerphilly Accounting, our clients can be assured that we take their data security and data privacy very seriously, and we are compliant with GDPR.