Skip to content

Terms & legals

Tallyfy has strong compliance, legal, security, and privacy standards:

  • SOC 2 Type 2 attested.
  • HSTS compliant: Important for preventing man-in-the-middle attacks. Our domain (tallyfy.com) is pre-loaded as secure in major browsers.
  • BIMI compliant: An email standard for brand recognition, helping prevent phishing.
  • Can sign custom DPAs for EU, UK, or specific US states (like CCPA).
  • GDPR compliant: Via Data Privacy Framework (DPF) attestation.
  • Can sign contracts for custom enterprise needs.
  • Free SSO: We offer Single Sign On (SSO) free to all customers. Security shouldn’t cost extra.
  • Data encryption: Data is encrypted in transit and at rest.
  • Data separation: Data is logically separated on our multi-tenant cloud hosting (us-west-2 on Amazon Web Services).
  • AWS GovCloud hosting: Available for certain customers needing higher security. Requires an enterprise contract - please schedule a consultation.
  • API Security: Every API request goes through a Cloudflare Worker and a WAF (Web Application Firewall).
  • Country blocking: We block countries under US trade sanctions.
  • Tor blocking: Requests from Tor browsers are dropped.
  • Rate limiting: Runs at the edge to handle traffic spikes.
  • Custom insurance: Can offer custom insurance coverage for enterprises.

Our compliance automation software helps organizations meet regulations through standardized processes, automated tracking, and detailed audit trails.

Pro > Compliance

A comprehensive overview of Tallyfy’s security framework detailing SOC 2 Type 2 compliance access controls data protection system monitoring and vendor management practices to ensure platform reliability and data safety.

Terms Legals > Tallyfy's privacy policy

Access Tallyfy’s privacy details and security documentation through dedicated links while protecting sensitive data through secure external storage and following country-specific restrictions.

Integrations > Authentication and SSO

Free Single Sign-On integration enables team members to access Tallyfy using their existing company credentials while providing enhanced security automated account setup and centralized user management through popular identity providers.