Skip to content

Protect sensitive data

Best practices for protecting sensitive information

When your workflows deal with private or confidential info (like Social Security numbers, credit card details, health records), you need to keep that data safe.

Recommendations for handling sensitive data

Here’s what works best:

  1. Store sensitive data securely outside Tallyfy: Keep confidential info in a dedicated secure system (like a secure database, encrypted storage, or specialized system like HR or finance software) with strong access controls.
  2. Limit access: Ensure only authorized users access the secure system where the data is stored.
  3. Don’t put sensitive data directly in Tallyfy: Avoid typing or pasting sensitive details directly into Tallyfy task names, descriptions, or standard form fields.
  4. Link securely: Instead of putting data in Tallyfy, put a secure link in the Tallyfy task description pointing to the data’s secure location.
  1. Ensure sensitive info is stored securely in your other system.
  2. Get a secure link (URL) allowing authorized users access to that specific data.
  3. Open the relevant Tallyfy task.
  4. In the task description, add text explaining the data and insert the secure link (URL) where users can view it (e.g., “Click here to view the secure customer record”).
  5. Save the task description.

This way, your Tallyfy workflow can reference the info it needs without actually storing sensitive data inside Tallyfy.

Terms Legals > Tallyfy's privacy policy

Tallyfy’s privacy policy and security documentation can be accessed through dedicated web pages that outline data collection practices protection measures and compliance standards.

Miscellaneous > File storage security

Tallyfy uses Amazon S3 for secure file storage with plan-specific limits ranging from 5GB total to 25GB per member and recommends integrating external cloud storage solutions like Dropbox or Google Drive to optimize storage allocation and leverage existing file management systems.

Pro > Compliance

Tallyfy provides enterprise-grade security through SOC 2 Type 2 compliance certification comprehensive data encryption multi-factor authentication principle of least privilege access controls mandatory SSO enforcement environment segregation vulnerability assessments incident response frameworks third-party risk management protocols and comprehensive audit trail capabilities meeting regulatory requirements across highly regulated industries.

Edit Processes > Add process notes

Process notes in Tallyfy serve as a centralized hub for critical information files and links that remain visible across all tasks in a process run ensuring consistent access to essential context and resources for all participants throughout the workflow.
Get in touch
About Tallyfy