Pay Awards

GDPR

With the introduction of GDPR we have fully reviewed the way we hold and process client data. The key points include:

'Software' Platform

Our software has been enhanced to allow data to be minimised and/or erased to match a client's own retention policies (these processes only apply to employees who are flagged as left).

'Development' Platform

Our development computers are encrypted Macs, running Parallels/Windows 10, with logon and firmware passwords.
Occasionally we need to hold client data to help evaluate software issues, to help with data take-on/data changes, or to help develop new features. Such data will be held in its own encrypted VHD (Virtual Hard Disk), which is mounted as required. This VHD is excluded from our backups, and the data will be erased within 3 months of client sign-off.
Our development computers are our primary link to our Hosting & Outsourcing platforms, where client data stays unless consent has been given to move it. iPads are also used to gain access to the two cloud platforms; client data is never held on these devices.

'Hosting' Platform *

Where appropriate, clients can host their payrolls with us and log on remotely from a tablet, a Mac or a PC when they have a Wi-Fi or a 4G connection (see * below for additional technical details).

'Outsourcing' Platform *

Our outsourced payrolls are held on a hosted platform (see * below for additional technical details).
This platform operates using its own email account, whose details are released on a need-to-know basis.
Client data is held in an encrypted VHD (Virtual Hard Disk) which is only mounted during payroll processing.
All payroll reports/files are emailed in a secured zip file, and payslips are emailed as secured PDF files.


* Both the Hosting and Outsourcing platforms are professionally managed in Manchester; the company details, Data Centre accreditations, and agreement are available upon request.
Both platforms run Windows Server 2016 with encrypted disks. They are patched as recommended by Microsoft, and are protected with firewalls, intrusion detection systems, and anti-virus software.
Client data is backed up nightly, and each encrypted backup is held for 90 days before being automatically erased.
MFA (Multi Factor Authentication) has been implemented to significantly enhance logon security, i.e. a username, password and a pre-registered smartphone are needed to gain access.
All of our outbound emails are sent using either SSL or TLS, and all connections to the Hosting and Outsourcing platforms use gateway settings which give the same level of end-to-end encryption as HTTPS.