Tallyfy is very strongly positioned when it comes to compliance, legal, security and privacy:
- SOC 2 Type 2 attested
- HSTS compliant - this is very important even though other vendors don’t talk about it because it prevents common man-in-the-middle attacks. Our domain - tallyfy.com is pre-loaded as secure in common browsers.
- BIMI compliant - which is an email standard that ensures very strong compliance to brand and recognition, preventing phishing and much more.
- Able to sign a custom DPA for EU, DPA or specific US states
- GDPR compliant via our Privacy Shield and DPF attestation
- Able to sign contracts for customized enterprise requirements
- We offer free SSO (Single Sign On) to all customers. Security should not cost extra.
- Data is encrypted in transit and at rest
- Data is logically separated in our multi-tenant cloud hosting on us-west-2 on Amazon Web Services
- Every API request goes through a custom Cloudflare Worker and a WAF (Web Application Firewall)
- We block countries under US trade sanctions
- Requests from Tor browsers are dropped and never accepted
- Rate limiting runs on the edge at any scale
- We can offer custom insurance coverage for enterprises
Terms Legals > Tallyfy's privacy policy
Tallyfy implements comprehensive data protection measures through privacy policies security documentation and restricted access while maintaining compliance standards and providing support resources for users.
Terms Legals > Country restrictions
Tallyfy restricts access from 11 specific locations including countries under US sanctions and Tor exit nodes but remains open to discussing exceptions and providing support.
Tracking And Tasks > Protect Sensitive Data
Sensitive business data should be stored securely in authorized-access-only systems to maintain confidentiality and protect customer information through proper URL management in designated task boxes.
Integrations > Authentication and SSO
Free seamless integration with popular SAML and SSO platforms allows secure access to multiple services using a single set of credentials through Tallyfy’s authentication middleware.
