Easy Payroll provides a Web-based workplace, consisting of an integrated suite of simple and easy-to-use applications. We understand that security and reliability are critical factors for our customers - that's why they are our top priority and our approach to them is comprehensive.
The security section of our website details the hardware, software and processes we use that drive the application and data security for the Easy Payroll hosted solution.
Secure Data Centres
The Easypayroll.io service is securely hosted at data centres compliant with globally recognised standards.
- ISO 27001 Certified
- AICPA Type 2 Compliant
- Cloud Security Alliance – STAR Registrant
- GDPR Compliant
- HIPAA Compliant
- PCI DSS Compliant
The Easypayroll.io application incorporates multiple security levels which adhere to globally accepted standards:
Every user is provided with a unique, confidential username and password to access their system protected by 256-bit SSL encryption. In addition, 2FA and Single sign-on is also available.
Secure Data Access
Easypayroll.io uses secure directory access protocol, which maps users to their registered information held on the system and only then allows them to access their data.
Easypayroll.io also provides customisable role-based security and item-level access controls ensuring that only the right people get access to the right information.
SSL Data Encryption
All customer data is encrypted, while in transit and sent using HTTPS. All customers’ data uploaded and stored are encrypted at rest. All backups of customer’s data are encrypted using GPG.
Data Storage, Backup and Disaster Recovery
All customer data is stored on fully redundant servers, which insulates us from any hardware failure.
All customer data is backed up at Primary Data centre using Continuous Data Protection (CDP) and copied to a secondary data centre on a nightly basis. Hence, we always have an off-site backup copy – in case of any emergency situation.
In an event of a catastrophic hardware failure, natural disaster or other event that renders the primary hosting facility inoperable, Easy Payroll has set up procedures to bring the system back online at the secondary data centre with minimal time/data loss. We regularly test to check our disaster recovery procedures and the integrity of the customer data.
Network Security & Availability
99.99% Uptime Guarantee
Our goal and efforts are to provide 100% up-time for Easypayroll.io Service. We provide 99.99% uptime guarantee and we are always well above our promise.
Easy Payroll uses multiple fault-tolerant firewalls. Each firewall employs both static and dynamic access-lists, configured to permit only necessary traffic. Abusive or malicious traffic is dynamically denied per dynamic access lists on the firewalls.
Security Patches and Critical Updates
All Easypayroll.io servers are audited regularly for security patch and critical update levels. Patches and updates are first deployed to a test environment to assure compatibility, then to the live environment.
Our Information Security department monitors notification from various sources and alerts from internal systems to identify and manage threats.
Easy Payroll's Privacy Statement
Your privacy is important to us, and so is being transparent about how we collect, use, and share information about you.
Easy Payroll, we and us refers to Payroll Made Easy LTD. and any of our corporate affiliates. We offer our 'Easy Payroll platform' as SaaS offerings in the global market. We refer to Easy Payroll platform, together with our other services and websites as "Services" in this policy.
Our GDPR Commitment
The GDPR harmonises data privacy laws and regulations across the EU, enhances data protection for EU citizens and reshapes the way organisations approach data privacy. The GDPR covers the personal data of every EU person and provides comprehensive rights to data subjects. Every company that works with European employees, customers and partners will need to comply with the regulation.
With the General Data Protection Regulation (GDPR) now effective, Easy Payroll is GDPR-ready so that all customers can use Easy Payroll as the Cloud Work Management platform while meeting their GDPR compliance requirements.
At Easy Payroll, we provide an in-region hosting/data storage for our customers, to meet data residency obligations across multiple geographies, allowing them to raise the bar for privacy and control in the cloud.
What information we collect about you
When you sign up for our services, we ask for your name, company name, email address and phone number. That's just so we can personalize your new account, and we can send you invoices, updates, or other essential information.
When you write to Easy Payroll with a question or to ask for help, we'll keep that correspondence, and the email address, for future reference. When you browse our website, we'll track that for statistical purposes (like conversion rates and to test new designs). We also store any information you volunteer, like surveys, for as long as it makes sense.
How we use information we collect
We use information for the following purposes:
• To provide the Services and personalize your experience
• To communicate with you about the Service
• To Provide Customer support
• To Send you statements and invoices
For Marketing communications, with an opt-out option for users who wish to exercise their choice to decline to participate in these communications
How we share information we collect
• We will never sell or provide your personal information to any third parties.
• We might share your personal information for the following reasons:
• To provide products or services you've requested, with your permission.
We are required to share customer information by law, to protect the interests of the company or in the discharge of public duty.
How we secure information we collect
We have put in place appropriate security measures to prevent information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We go to great lengths to secure your data - you can read more about that on our security page.
Cookies and Other Tracking Technologies
We use "cookies", "web beacons", and similar devices to track your activities, in order to improve our services and the website, and provide more convenient, relevant experiences to you.
International transfers of information we collect
We collect information globally and primarily store that information in the United States and Ireland. Whenever we transfer your information outside of your country of residence, we make sure that your information gets a similar degree of protection to your own country by appropriate legal mechanisms.
For customers in European Economic Area (EEA) or Switzerland, whenever we transfer your information outside European Economic Area (EEA) or Switzerland, we make use of the EU-US.. and Swiss-US.. Privacy Shield Frameworks, European Commission-approved standard contractual data protection clauses, or other appropriate legal mechanisms to safeguard the transfer.
When you cancel your account, we'll ensure that nothing is stored on our servers past 30 days. Anything you delete on your account while it's active will also be purged within 30 days (up until then it's available in Recycle Bin).
Your Legal Rights
You always have the right to access the personal information we store about you. For any questions, comments and requests regarding our privacy or data processing practices, please contact email@example.com. or by post at Easy Payroll, Watergates Building, 109 Coleman Road, Leicester, LE5 4LEYou have the right to take any complaints to the Information Commissioner if you feel that we have not addressed your request satisfactorily.
Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF https://ico.org.uk/concerns/
Easy Payroll may update this policy from time to time (for example, if the law changes). We'll notify you about significant changes by emailing the account owner or by placing a prominent notice on our site.