Learn more about e-signatures in our new live webinar.

Join live daily webinars to get up to speed on automations, invoicing and team collaboration.

Security

The security of your data is very important to us. We employ a number of industry standards to keep your data safe and secure.

1. SSL Report

All customer interaction with TaxDome is encrypted via Secure Socket Layer (SSL). Our SSL certificates use 256-bit encryption to protect your data. We received an A-grade from Qualys SSL Labs.

2. Data Retention

The data is stored in  Amazon AWS and is backed up daily. The physical location of your data is determined by your firm location. For example US firm data is stored in the US and Canadian firm data is stored in Canada.

TaxDome stores the minimum amount of data required in order to provide our services. While customer data is stored by TaxDome, all credit card details are stored by our PCI compliant service partners Stripe and CPACharge.

3. PCI DSS Security

Credit card details are never stored by TaxDome. Credit cards are transmitted directly to our payment providers over SSL connections and are not logged or stored in TaxDome systems.

All credit payments are processed either by Stripe or CPACharge, PCI-DSS Level 1 compliant service providers.

4. TaxDome Physical Server Security

TaxDome production systems run on Amazon AWS, the world’s leading cloud computing platform. Amazon AWS security details the physical, network, system and data security provided by Amazon.

5. GLBA Compliance

TaxDome allows you to be compliant with the Gramm LEach Bliley (GLBA) Act by ensuring the security and confidentiality of your clients’ data.

10. EIDAS Compliance

TaxDome is eIDAS compliant and meets all requirements to sign documents online with signatories from all EU member states. TaxDome provides SES (Simple Electronic Signature), AdES (Advanced Electronic Signature) and QES (Qualified Electronic Signature) options. Additionally KBA (Knowledge-based authentication) is available in the US.

11. Bug Bounty Program

Through our public bug bounty program our applications are constantly being reviewed for vulnerabilities. This creates an environment of continuous testing by 3rd parties.

 

Last updated February 16, 2024