Security Statement
General Data Protection Regulation (GDPR)
GDPR Compliance
Validis is committed to meeting the requirements of the General Data Protection Regulation (GDPR). We recognize the importance of data protection and privacy principles and emphasize them in every phase of product development and daily operations.
The GDPR is Europe’s new framework for data protection laws. It replaces the previous 1995 data protection directive, which current UK law is based upon. The GDPR harmonizes data protection laws in the EU for use in the digital age and provides greater protection and rights to individuals.
Our focus on respecting your privacy and safeguarding your personal data remains as strong as ever. We’ve updated our privacy notice to reflect the new and strengthened rights in relation to your personal data, and the legal grounds for using and holding it for the business relationship you have with us. We have also strengthened our data protection arrangements to ensure they comply with the new regulations and to ensure the continuous safety and privacy of your data.
We’re committed to keeping your data safe, giving you control and flexibility, and providing useful and timely information.
For more information on GDPR Compliance and how we protect your data and keep you in control, please read our Privacy Policy here.
Validis platform – GDPR Compliance Statement
The “Validis platform” is our data transfer and standardization platform for sending and receiving accounting data. It is used to manage the transfer of organizations’ accounting data to financial institutions and accounting firms, and the subsequent workflows performed by these institutions. This software is provided as a cloud-hosted service.
The GDPR brings many changes for your organization, making it critical to choose a financial data transfer and tooling platform that helps you meet the major GDPR requirements listed below.
We’ve clarified the requirements by publishing our compliance statement on how Validis can help address and facilitate support for your key GDPR requirements.
SOC 2 Compliance
Validis is SOC 2 accredited.
SOC stands for service organization control. There are three variants of SOC compliance, and SOC 2 is designed for cloud and SaaS companies. The program was created by the American Institute of Certified Public Accountants (AICPA) as a means of improving the reporting of service organizations. SOC 2 emphasizes security and operational metrics based on the five TSPs: security, availability, processing integrity, confidentiality and privacy.
To request a copy of our SOC 2 Type 2 report, please email us at security@validis.com.
ISO 27001 Compliance
Validis is also ISO 27001 certified.
ISO 27001 is one of the most widely recognized and internationally accepted information security standards. It’s one of the few standards that uses a top-down, risk-based approach to evaluation. It identifies requirements and specifications for a comprehensive Information Security Management System (ISMS), defining how an organization should manage and treat information more securely, including applicable security controls.
To request a copy of our ISO 27001 certificate, please email security@validis.com.