Effective: 16 March 2022
ONRECORD’s mobile app and web application and the online platform that supports them are provided by Tadpole Cottage Ltd, trading as ONRECORD. We take the security of data very seriously and aim to be as clear and open as we can about the way we handle it. All of our employees and any contract personnel are bound to our terms and policies regarding data and we treat these issues as matters of the highest importance within our company.
Any definitions used in this Security Policy shall have the same meanings as provided in our Conditions of Use.
If you have additional questions regarding security, we are happy to answer them. Please write to email@example.com and we will respond as quickly as we can.
The basic security of data on the ONRECORD mobile app, the web application and the platform depends on individual users setting and safeguarding effective passwords. We have therefore set demanding standards for passwords which are required to be a minimum of 8 characters including at least one lower case letter, one capital letter, one number and one symbol. We encourage regular changes of password.
All users are encouraged to implement two factor authentication which is available to be activated immediately in account settings.
The mobile app provides for PIN and/or face recognition/fingerprint controlled access.
Data Encryption In Transit And At Rest
ONRECORD applies a Secure Sockets Layer (SSL) Certificate to all data in transit, which is encrypted at the 256-bit level.
Data at rest in our database is protected by encryption provided by Microsoft Azure.
We monitor the changing cryptographic landscape and work promptly to upgrade the service to respond to new cryptographic weaknesses as they are discovered and implement best practices as they evolve.
Database Security and Compliance
Microsoft Azure hosts the ONRECORD services and stores all our data in a data centre within the UK. Microsoft maintains multiple security certifications for its data centres. For more information about their certification and compliance, please visit their ‘Introduction to Azure security’ document at https://docs.microsoft.com/en-us/azure/security/fundamentals/overview/.
We place strict controls, limited by the access level provided by their login credentials, over our employees’ access to the personal information and other data collected by ONRECORD’s services.
We are committed to ensuring that data is not seen by anyone who should not have access to it. The operation of ONRECORD’s services, however, requires that a very small number of senior employees have access to all the systems which store and process data and would therefore be able to view subscribers’ data. These employees are prohibited from using their permissions to view personal data unless it is absolutely necessary to do so, for example, in order to diagnose a particular problem a user is having with our services, in which case we may need to access the user’s personal data and records.
Our financial services are provided by Stripe (https://stripe.com/gb) who are responsible for the security of Subscribers’ financial data. We do not hold credit card identification details in our database. Stripe keeps financial data records for 3 years following closure of an account.
ONRECORD conducts background checks on all employees before employment, and employees receive privacy and security training when recruited as well as subsequently.
All employees are required to read and sign this Security Policy covering the security, availability, and confidentiality of the ONRECORD services.
Deletion of App User Data
ONRECORD will delete user data in accordance with our Conditions of Use. In these circumstances ONRECORD deletes all information, including user names and associated contact and account information.
Return of Data to Subscribers
All uploaded data, whether uploaded to their account by the Subscriber or anyone else, such as a Professional or other linked user, remains the property of the Subscriber.
It is the responsibility of Subscribers of our Services to export and download all their data in html or zip file form within 28 days of notifying us of closing their account.
In the event that ONRECORD decides to close a Subscriber account, in accordance with the terms of our Conditions of Use, we aim to return all the data in their Records to the Subscriber as an email attachment or linked file within 28 days.
Return of Data to Professionals
On closure of a Subscriber’s account to which a Professional has been linked, or on the unlinking of a Professional by a Subscriber, all data contained in confidential messages and their attachments, uploaded by the Professional, will remain available for download by the uploading Professional for 28 days, after which it will no longer be available to them, while remaining available to the Subscriber.
The data uploaded by Professionals will remain available to the Subscriber until the Subscriber closes their account.
When the Subscriber closes their account, the data uploaded by all linked and previously linked Professionals will be deleted along with the Subscriber’s other data in accordance with our Conditions of Use.
Data Uploaded by Associate Accounts
On closure of a Subscriber’s account to which an Associate Account has been linked, or on the unlinking of an Associate Account by a Subscriber, all data contained in confidential messages and their attachments, uploaded by the Associate Account, will no longer be available to the Associate Account, while remaining available to the Subscriber.
The data uploaded by an Associate Account will remain available to the Subscriber until the Subscriber closes their account.
When the Subscriber closes their account, the data uploaded by all linked and previously linked Professionals and Associate Accounts will be deleted along with the Subscriber’s other data in accordance with our Conditions of Use.
We understand that users rely on the ONRECORD services to work. We’re committed to making ONRECORD a highly available service that you can count on. We rely on Microsoft Azure services infrastructure to continue to provide systems that are fault tolerant for failures of individual servers or even entire data centres.