Contact Digitoo (Mon - Fri, 9:00 - 17:00)
Blog
Contact Digitoo (Mon - Fri, 9:00 - 17:00)FAQAbout usLog in
WHY DIGITOO

Security First: Data Protection and Reliability with Digitoo

DALL·E 2023-10-14 20.57.43 - Minimalistic design, 1200x600px in dimension, set against a dominant and striking #FF7A14 orange background. The central focus of the image is a detai.png

Encrypted Communication

All communication outside our virtual private network on the Azure platform is conducted via TLS security protocols. Encrypted communication between our users and the server is ensured through the HTTPS protocol. Encrypted SSH protocol is used for service operations.

By default, Microsoft manages the keys that protect your data. Customer data stored on physical media is always encrypted using encryption protocols compliant with the FIPS 140-2 standard. Customers can enhance data protection by using customer-managed keys (CMK), double encryption, or hardware security modules (HSM).

All data transfer between data centers is protected using IEEE 802.1AE MAC security standards, which guard against physical man-in-the-middle attacks. To ensure resilience, Microsoft employs various network paths, at times crossing geographical boundaries, but customer data replication across regions always occurs via encrypted network connections.

To minimize the risk of personal data breaches, Microsoft generates pseudonymous identifiers, enabling the offering of global cloud services (including service operation and improvement, billing, and fraud protection). Pseudonymous identifiers cannot directly identify individuals, and access to customer data identifying individuals is always protected as described above.

Protection of Our Data

We protect our company data with OWASP security standards. All Digitoo employees and partners are bound by confidentiality and data security agreements.

Access to our internal systems is secured with multi-factor authentication (2FA). We use shared password management software for passwords and secrets. All system access is remotely controlled and monitored.

Retention of Unnecessary Data

By default, we retain unnecessary data for 10 years. Data is used solely for the purpose of enhancing data mining, training, and optimizing algorithms. If needed, upon customer request, data can be deleted at any time.

Data Access

All access to user data is restricted by authorization. Each user authorizes with a unique username and password. Passwords are required to meet recommended complexity standards (OWASP), and we ensure they do not match usernames. All passwords are salted and hashed according to industry standards.

Communication between Digitoo and ERP systems occurs through integration agents. These agents use authorization tokens for limited data access. Each access is monitored, and tokens can be deactivated instantly.

Data Storage

All data is stored on Microsoft Azure servers, a well-known hosting and cloud service provider. Microsoft Azure complies with the highest security standards. Learn more about data storage.

For data recoverability in case of disaster recovery, we have a backup system with a 30-day data retention period at our disposal. We employ the concept of so-called 'soft delete,' which enables us to efficiently manage deleted data.

The Microsoft Azure service allows you to specify the region where customer data will be stored and processed. Microsoft may replicate customer data to additional regions for resilience purposes, but it will not store or process the data outside the designated geographic area.

Digitoo has restricted the data's geographic region to Europe. Without our authorization, Microsoft will not store or process your data outside the designated geographic area, in this case, Europe.

General Data Access

Our goal at Digitoo is to automate and digitize accounting. Because accounting involves highly sensitive data, we handle it with great care. Every access is in accordance with EU laws, including GDPR.

Data Processing

We continuously improve our data mining algorithms. To do this, we require a sufficient sample of accounting documents, which we use for training and gradual improvement. We use user documents for the duration of the Data Processing Agreement for this purpose.

Secure Code

During the development of our product, we follow OWASP recommendations. All code undergoes team peer review. We use automated tools for vulnerability detection and regularly update software. Code quality is continuously monitored by third-party tools. Our product is covered by unit and integration tests and is manually tested.

If you have any questions, please feel free to contact us at [email protected].

Similar articles you may like
AdobeStock_592682796 (1).jpg
Why Digitoo
Digitoo: All Your Data in One Place for Easy Access and Organization
Frame 518.png
Blog
Vsaďte na digitalizaci a automatizaci faktur v ABRA Flexi s Digitoo
Group 1331.png
Blog
Ušetřete až 75 % času s fakturami a automatizujte s Helios a ABRA Gen
Set up your accountLet’s start with a few simple steps
screen.jpg
Just one step to goChoose your accounting system 
and fill the number of yearly received invoices.
Enter your accounting system
b5n4na8LjGez.png
Check your email!You're almost there. Continue by setting up the password we have just sent in your email.

Request more information

Request more information

Build a Custom Plan

The minimum number of documents is 1200
Select...
0
Kontaktujte Digitoo
Jméno
Příjmení
Název společnosti
Telefon
E-mail
Zpráva
Let's arrange a call
Your phone number
Message or note