Skip to content

Protect sensitive data

Best practices for protecting sensitive information

Never store sensitive data directly in Tallyfy - keep it in your secure systems and link to it instead. This protects confidential information while letting your workflows reference what they need.

Got workflows that handle Social Security numbers, credit card details, or patient records? Here’s the thing: you can’t just drop that sensitive info into task descriptions or form fields. That’s asking for trouble.

Recommendations for handling sensitive data

Here’s what actually works:

  1. Store sensitive data securely outside Tallyfy: Your confidential info belongs in dedicated secure systems - think encrypted databases, your existing HR platform, or that specialized finance software you’re already using. These systems have the access controls you need.
  2. Limit access: Only authorized users should touch the secure system where your data lives. Period.
  3. Don’t put sensitive data directly in Tallyfy: This one’s critical. Never type or paste sensitive details into Tallyfy task names, descriptions, or form fields. Not even once.
  4. Link securely: Here’s the smart move - add secure links in your Tallyfy task descriptions that point to where the data actually lives.

Simple, right?

Let me walk you through this (it takes maybe 2 minutes):

  1. First, make sure your sensitive info is already stored securely in your other system. Don’t skip this step.
  2. Grab a secure link (URL) that lets authorized users access that specific data. Most systems can generate these.
  3. Open the Tallyfy task where you need to reference this data.
  4. In the task description, explain what the data is and add your secure link. Something like: “Review the customer’s credit application here: [secure link]”
  5. Save the task description.

Done. Your workflow can now reference the sensitive info it needs without actually storing it in Tallyfy. The data stays safe in your secure system, and your team can still access it when they need to.

Terms Legals > Tallyfy's privacy policy

Tallyfy’s privacy policy and security documentation can be accessed through dedicated web pages that outline data collection practices protection measures and compliance standards.

Miscellaneous > File storage security

Tallyfy uses Amazon S3 for secure file storage with plan-specific limits ranging from 5GB total to 25GB per member and recommends integrating external cloud storage solutions like Dropbox or Google Drive to optimize storage allocation and leverage existing file management systems.

Pro > Compliance

Tallyfy provides robust security through SOC 2 Type 2 compliance certification comprehensive data encryption multi-factor authentication principle of least privilege access controls mandatory SSO enforcement environment segregation vulnerability assessments incident response frameworks third-party risk management protocols and comprehensive audit trail capabilities meeting regulatory requirements across highly regulated industries.

Edit Processes > Add process notes

Process notes in Tallyfy serve as a centralized hub for critical information files and links that remain visible across all tasks in a process run ensuring consistent access to essential context and resources for all participants throughout the workflow.