Terms & legals

Tallyfy is built for the security, legal, privacy, and compliance standards that larger companies and regulators expect. Here’s what’s in place to protect your data:

  • SOC 2 Type 2 Attestation - an independent auditor has checked that our security controls work and keep your data protected.
  • HSTS Compliance - HTTP Strict Transport Security. Browsers carry a pre-loaded rule to reach tallyfy.com only over an encrypted connection, which blocks man-in-the-middle attacks.
  • BIMI Compliance - Brand Indicators for Message Identification. It shows our verified logo on emails, which boosts brand recognition and helps prevent phishing.
  • Custom Data Processing Agreements - available for the EU, UK, or specific US states (like CCPA) to meet regional privacy laws.
  • GDPR Compliance - met through Data Privacy Framework (DPF) attestation for full European data protection.
  • Enterprise Contract Flexibility - custom contracts for specialized enterprise needs.
  • Free Single Sign-On - SSO¹ is included free for every customer. Security shouldn’t cost extra.
  • Full Data Encryption - all your data is encrypted both in transit and at rest, using industry-standard protocols.
  • Logical Data Separation - multi-tenant cloud hosting keeps each customer’s data logically separate, hosted in the us-west-2 region on Amazon Web Services.
  • AWS GovCloud Hosting - available for customers who need higher security standards. It requires an enterprise contract. Schedule a consultation for details.
  • Multi-layer API Security - every API request passes through Cloudflare Workers and Web Application Firewall protection.
  • Sanctions Compliance - access is blocked from countries under US trade sanctions.
  • Anonymous Network Blocking - requests from Tor browsers are blocked automatically.
  • Edge Rate Limiting - traffic is rate-limited at the network edge to handle spikes and prevent abuse.
  • Enterprise Insurance Options - custom insurance coverage for enterprises with specific liability needs.

Achieving compliance with Tallyfy

Tallyfy’s compliance automation software helps organizations meet regulatory requirements through standardized processes, automated compliance tracking, and audit trails.

Tallyfy maintains a current SOC 2 Type 2 attestation. Bank-level encryption (TLS 1.2+ and…

Footnotes

  1. SSO (single sign-on) lets your team sign in to Tallyfy with the company login they already use, so there’s no separate password.