SECURITY

Technology delivered to you with security and data protection as a priority.

We work to streamline VAT processes while mitigating risk and enhancing data protection.

Certified to ISO 27001 standards.

Taxback International are ISO27001 certified. This certification ensures that we handle customer data securely and in compliance with applicable regulations, including GDPR and other data protection laws.

We regularly review and update security policies, provide security training to staff, perform security testing, monitor compliance with security policies and conduct internal and external risk assessments.

ISO 27001 is the globally recognized international standard for managing risks to the security of information held. This certification shows our clear commitment to data management and protection.

Security and Data Protection
VAT Compliance

One Secure Platform.

By design, our architecture is multi-tenant. Data filters are applied ensuring that access to data is restricted based on job role and associated access privileges.

Data in transit is encrypted using SSL certificates (TLS 1.2). This means that unauthorized individuals will not be able to decipher your confidential information.

Taxback International use data hosting providers Interxion and AWS.

Interxion data centre facilities are ISO27001 and ISO22301 certified and maintain a SOC 2 report. AWS data centre facilities are ISO27001 certified and maintain a SOC 2 report.

Security Incident and Event Notification

Our Security Operations Centre provides 24 x 7 system monitoring.

Taxback International has a documented and established incident management procedure with incident severity and points of escalation defined.

Data protection and deletion.

Under regulatory and legislative requirements, we only retain data for as long as is required. Data retention timelines are defined and procedures are in place to delete data when no longer required.

We are headquartered and registered in Ireland. We are subject to the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679). Technical and organisational controls are implemented and maintained as per industry best practice. These controls are externally audited on a bi-annual basis by our ISO27001 auditor.

Taxback International takes the privacy of our clients seriously and complies with all local data protection laws in the jurisdictions we operate in. The Data Protection Officer sends regular awareness communications to staff reminding them of their data protection obligations. Computer-based training and testing of understanding is mandatory and completed by all staff on an annual basis.

  • Patch Management

    We take a risk-based approach, with all critical patches installed within 7 days, in line with our patch management standard.

  • Regular External Audits

    We have implemented a dedicated audit program, with several internal audits completed monthly and bi-annual external audits completed to ensure conformance of our Information Security Management System with ISO27001.

  • Penetration Testing

    Penetration testing is conducted at least annually by a third-party provider. Vulnerabilities are assigned owners and tracked to remediation at our IT governance forums.

  • Vendor Management

    We have defined rules for engagement with third parties. Requirements include contracts and due diligence to ensure that services commissioned are from reputable companies that operate in accordance with all applicable industry, regulatory and legislative requirements.
