1. SSL Report
All customer interaction with TaxDome is encrypted via Secure Socket Layer (SSL). Our SSL certificates use 256-bit encryption to protect your data. We received an A-grade from Qualys SSL Labs.
2. Data Retention
The data is stored in Amazon AWS and is backed up daily. The physical location of your data is determined by your firm location. For example US firm data is stored in the US and Canadian firm data is stored in Canada.
TaxDome stores the minimum amount of data required in order to provide our services. While customer data is stored by TaxDome, all credit card details are stored by our PCI compliant service partners Stripe and CPACharge.
3. PCI DSS Security
Credit card details are never stored by TaxDome. Credit cards are transmitted directly to our payment providers over SSL connections and are not logged or stored in TaxDome systems.
All credit payments are processed either by Stripe or CPACharge, PCI-DSS Level 1 compliant service providers.
4. TaxDome Physical Server Security
TaxDome production systems run on Amazon AWS, the world’s leading cloud computing platform. Amazon AWS security details the physical, network, system and data security provided by Amazon.
5. GLBA Compliance
TaxDome allows you to be compliant with the Gramm LEach Bliley (GLBA) Act by ensuring the security and confidentiality of your clients’ data.
6. SSAE-16 SOC Compliance
7. HITRUST
8. PIPEDA
9. FIPS
10. EIDAS Compliance
TaxDome is eIDAS compliant and meets all requirements to sign documents online with signatories from all EU member states.
11. Bug Bounty Program
Through our public bug bounty program our applications are constantly being reviewed for vulnerabilities. This creates an environment of continuous testing by 3rd parties.