Protect sensitive data

Best practices for protecting sensitive information

When your workflows handle private or confidential info (like Social Security numbers, credit card details, health records), it’s important to protect that data.

Recommendations for handling sensitive data

The best approach is usually:

1. Store sensitive data securely outside Tallyfy: Keep confidential info in a dedicated secure system (like a secure database, encrypted storage, or specialized system like HR or finance software) with strong access controls.
2. Limit access: Ensure only authorized users access the secure system where the data is stored.
3. Don’t put sensitive data directly in Tallyfy: Avoid typing or pasting sensitive details directly into Tallyfy task names, descriptions, or standard form fields.
4. Link securely: Instead of putting data in Tallyfy, put a secure link in the Tallyfy task description pointing to the data’s secure location.

How to link to sensitive data from Tallyfy

1. Ensure sensitive info is stored securely in your other system.
2. Get a secure link (URL) allowing authorized users access to that specific data.
3. Open the relevant Tallyfy task.
4. In the task description, add text explaining the data and insert the secure link (URL) where users can view it (e.g., “Click here to view the secure customer record”).
5. Save the task description.

This method lets your Tallyfy workflow reference needed info without storing sensitive data in Tallyfy.

Related articles

Terms Legals > Tallyfy's privacy policy

The privacy policy and IT documentation can be accessed through dedicated links on Tallyfy’s website which detail security measures compliance standards and data protection practices.

Pro > Compliance

Tallyfy maintains robust security practices including SOC 2 Type 2 compliance access controls data encryption system monitoring incident response plans and vendor management protocols to protect customer data and ensure platform reliability.

Miscellaneous > File storage security

Tallyfy stores uploaded files securely on Amazon S3 with storage limits based on subscription plans while recommending users leverage external file-sharing platforms like Dropbox or Google Drive through links to optimize storage usage.

Compliance > How Tallyfy uses HTTP Strict Transport Security (HSTS)

HSTS is a security protocol that forces web browsers to only use encrypted HTTPS connections with websites while preventing attacks like SSL stripping cookie theft and protocol downgrade attempts.