Pure Bookkeeping Security Policy

    We protect your data.

    All data is written to multiple disks instantly, backed up daily, and stored in multiple locations. Files that our customers upload are stored on servers that use modern techniques to remove bottlenecks and points of failure.

    Your data is sent using HTTPS.

    Whenever your data is in transit between you and us, everything is encrypted and sent using HTTPS. Any files which you upload to us are stored and are encrypted at rest. Client data and messages aren't encrypted at rest — they are active in our database. Our backups of your data are encrypted.

    Data Retention

    Our data backups are only retained for 7 days. Once you stop using Pure Bookkeeping and your workspace is deleted, data will be irrecoverable after 7 days. Your payment details are stored by PCI compliant service providers.

    Sophisticated physical security.

    We use Amazon Web Services to host our servers in the United States. The supplier protects their data centres with state-of-the-art physical security measures. Only authorized personnel have access to the data centre. 24/7/365 onsite staff provides extra protection against unauthorized entry and security breaches.

    AWS complies with leading security policies and frameworks, including SSAE 16, SOC framework, ISO 27001 and PCI DSS. For more information on AWS Data Center Physical Security, see the AWS Security Whitepaper: https://d0.awsstatic.com/whitepapers/aws-security-whitepaper.pdf

    Regularly-updated infrastructure.

    Our software infrastructure is updated regularly with the latest security patches. Our products run on a dedicated network which is locked down with firewalls.

    We protect your billing information.

    Card details are never stored in Pure Bookkeeping. Your card details are transmitted directly to our payment providers over SSL connections and are not logged nor stored in our systems.

    Payments are processed by Stripe which is a PCI-DSS Level 1 compliant service provider.

    Need to report an incident?

    If you have discovered a security flaw that affects Pure Bookkeeping, please visit our vulnerability disclosure program page for details on how to securely submit a report.