Terms & legals

Compliance and legal overview

Tallyfy is very strongly positioned when it comes to compliance, legal, security and privacy:

• SOC 2 Type 2 attested
• HSTS compliant - this is very important even though other vendors don’t talk about it because it prevents common man-in-the-middle attacks. Our domain - tallyfy.com is pre-loaded as secure in common browsers.
• BIMI compliant - which is an email standard that ensures very strong compliance to brand and recognition, preventing phishing and much more.
• Able to sign a custom DPA for EU, DPA or specific US states
• GDPR compliant via our Privacy Shield and DPF attestation
• Able to sign contracts for customized enterprise requirements
• We offer free SSO (Single Sign On) to all customers. Security should not cost extra.
• Data is encrypted in transit and at rest
• Data is logically separated in our multi-tenant cloud hosting on us-west-2 on Amazon Web Services
• AWS GovCloud hosting is available for certain customers requiring higher security compliance. This requires an enterprise agreement - please schedule a consultation at https://tallyfy.com/booking/ ↗
• Every API request goes through a custom Cloudflare Worker and a WAF (Web Application Firewall)
• We block countries under US trade sanctions
• Requests from Tor browsers are dropped and never accepted
• Rate limiting runs on the edge at any scale
• We can offer custom insurance coverage for enterprises

Our compliance automation software ↗ helps organizations meet regulatory requirements through standardized processes, automated tracking, and comprehensive audit trails.

• Country restrictions
• Tallyfy's privacy policy

Related articles

Pro > Compliance

Learn about Tallyfy’s security posture, SOC 2 compliance, and commitment to data protection.

Terms Legals > Tallyfy's privacy policy

Tallyfy implements comprehensive data protection measures through privacy policies security documentation and restricted access while maintaining compliance standards and providing support resources for users.

Terms Legals > Country restrictions

Due to US law compliance Tallyfy blocks access from 11 restricted locations including countries like Cuba Iran Syria North Korea Libya Somalia Iraq Russia Yemen Palestine and Tor exit nodes.

Tracking And Tasks > Protect sensitive data

Protect sensitive business data by storing it in secure systems and referencing it through secure links while limiting access to authorized personnel only.