POC Data Handling & Security Practices
Version 1.2
Last updated: 27.05.2024
1. Our Data Handling Practices
1.1. Before Submission
When you begin entering your data into our POC form, rest assured that none of it is stored by us until you submit the form. However, we offer an autosave feature that securely saves the data in your browser for 15 days. Please note, this data is not transmitted to us.
1.2. Upon Submission
Upon finalising your submission and clicking the submit button, your data will be sent to us. We will immediately begin processing your data to create your FinKratt Report and deliver it to your email address. The process typically takes only a few minutes, although the time required may vary depending on the number of users accessing the POC.
1.3. After Submission
Within a period of 30 days, most of your personal data is progressively transformed until we achieve complete anonymisation.
- First few seconds (less than a minute) after your Report is sent out to you:
  - Typeform: We will delete all your personal data from the UI of the form-building application where we initially retrieved it. Nonetheless, the data will remain in backups for up to 30 days.
  - Mailchimp: Please note that if you consented to sharing your email address with us for marketing purposes, we will retain it until you withdraw your consent. Otherwise, it will be permanently deleted according to the deletion schedule described on this page.
  - Google Services: We will delete all your data from the Google Spreadsheet where we received it, and we will permanently purge some of your direct identifiers (mainly your name). Nonetheless, version history data from Spreadsheets will be available for up to 7 days, and backups will be available for up to 30 days. The remainder of your data consists of your email and indirect identifiers. Your email will be stored separately from most other data (only alongside some generic data derived from the financial information you provided) and solely for the purpose of potentially contacting you to improve our Website, Service, offerings, and overall solution. Your indirect identifiers, which can be either numeric values or booleans, will be stored in a distinct spreadsheet for statistical purposes. All booleans will be stored ‘as is’, whereas numeric values will be stored pseudonymised. To further enhance privacy, all these entries will be randomly mixed with all other records using the Fisher-Yates shuffle algorithm each time a new entry is added. This process ensures that identifying specific data points as yours becomes nearly impossible without the use of additional information. If you’re interested in seeing the comparison between how your data appears upon submission and receipt versus how it is stored, you can download a sample here.
At this stage, most of your data, other than your email and the associated generic financial data, has been pseudonymised, ensuring that it cannot be directly linked to you without engaging in manual cross-referencing of data.
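The following is an added illustration, not FinKratt's own code, of the storage split described above: the name is purged, the email goes to its own store with only generic derived data, booleans are kept as-is, numeric values are pseudonymised, and the indirect-identifier store is Fisher-Yates shuffled on every insert. The sample submissions, field names and the banding used for pseudonymisation are assumptions (the page does not say how numeric values are pseudonymised).

```python
import secrets

# Constructed sample submissions; field names are assumptions, not the real POC form.
SAMPLE_SUBMISSIONS = [
    {"name": "Alice Example", "email": "alice@example.com",
     "monthly_income": 3180, "has_mortgage": True, "savings": 12400},
    {"name": "Bob Example", "email": "bob@example.com",
     "monthly_income": 4720, "has_mortgage": False, "savings": 800},
    {"name": "Cara Example", "email": "cara@example.com",
     "monthly_income": 2950, "has_mortgage": True, "savings": 31000},
]
DIRECT_IDENTIFIERS = ("name", "email")


def pseudonymise_numeric(value, band=500):
    """Assumption: a numeric value is coarsened to the lower bound of a band of
    width `band`, so the exact figure the user typed is never stored."""
    return (value // band) * band


def split_submission(sub):
    """Return (email_row, indirect_row): the name is dropped entirely, the email is
    kept only with generic derived data, everything else goes to the indirect store."""
    email_row = {"email": sub["email"],
                 "income_band": pseudonymise_numeric(sub["monthly_income"])}
    indirect_row = {}
    for key, value in sub.items():
        if key in DIRECT_IDENTIFIERS:
            continue
        if isinstance(value, bool):          # check bool first: bool is an int subclass
            indirect_row[key] = value        # booleans are stored as-is
        elif isinstance(value, (int, float)):
            indirect_row[key] = pseudonymise_numeric(value)
    return email_row, indirect_row


def fisher_yates_shuffle(rows):
    """In-place Fisher-Yates shuffle; secrets.randbelow() is used so the permutation
    cannot be reproduced from a guessable PRNG seed."""
    for i in range(len(rows) - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        rows[i], rows[j] = rows[j], rows[i]
    return rows


def add_record(email_store, indirect_store, sub):
    """Append one submission to both stores and re-shuffle the indirect store so
    insertion order no longer reveals which indirect row belongs to which email."""
    email_row, indirect_row = split_submission(sub)
    email_store.append(email_row)
    indirect_store.append(indirect_row)
    fisher_yates_shuffle(indirect_store)
    return email_store, indirect_store
```

Note that the shuffle only removes the positional link between the two stores; the residual linkage risk the page mentions (cross-referencing on the banded values) remains if the bands are narrow and the store is small.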
- Next 7 days:
  - We will manually purge all version history from the Google spreadsheets where we store any personal data, including both the locations where your data is initially received and where your pseudonymised indirect identifiers are stored.
  - While we minimise the use of any personal data within our script logs, these logs will be automatically erased from our production environment 7 days after submission.
By this point, most of your data has been extensively pseudonymised, making any direct association with specific data entries impossible without further information from you.
- After 30 days:
  - All backup data will be permanently deleted from both Typeform and Google.
By now, apart from your email and the associated generic financial data, your data is effectively anonymised. Consequently, this anonymised data no longer qualifies as personal data under the GDPR, and we may retain it indefinitely.
2. Our Security Practices
2.1. How we protect our Work Devices
When it comes to security, everything starts with securing the devices that we use for work. Although no personal data is processed on our work machines, all our computers are equipped with full hard drive encryption. Additionally, we continuously monitor our work devices for any signs of malware to ensure the safety and integrity of our systems. Furthermore, our devices are subject to the most stringent security measures permitted by their respective operating systems.
2.2. How we protect the applications where we process your data
In order to minimise any risks associated with physical storage, all personal data processing is conducted exclusively in the cloud. Additionally, we strictly adhere to the principle of least privilege, minimising the number of applications and accesses needed to handle personal data. For example, our current POC uses only essential services (i.e., Google Workspace tools, Typeform, and Mailchimp). Furthermore, access to personal data is stringently controlled and segregated: access to different platforms and data sets is fully compartmentalised.
We use the most stringent security settings for all the applications we use, including Google SSO for access to all applications that support it, and 2FA for the applications that don’t (currently Mailchimp). In addition, we enforce secure password practices and ensure that we always use secure passwords, in line with the latest NIST guidelines, via a secure password manager. This means that no password is reused across any services or individuals within FinKratt.
Most of our Google Accounts that have access to personal data are secured with Security Keys, which places even more stringent security measures on our Google accounts.