All Collections
Figured & GDPR: Data storage and handling
Figured & GDPR: Data storage and handling
Alexandra Henley avatar
Written by Alexandra Henley
Updated over a week ago

Where is your data stored?

For storing your data, we use two service providers.

Amazon Web Service RDS

  • Name

  • Email address

  • Job title

  • Location

  • User generated transactional data

MongoDB Atlas

  • User generated transactional data

  • Xero data (invoices, bank transactions, chart of accounts)

Is data transferred out of the EU?

We share data both internally within the Figured group, sub-processors (Figured Sub-Processor List), and externally with our partners and with those you direct us to as described in this Notice.

When we do this your Personal Data may be transferred, stored or processed in the United States where our data hosting provider's servers are located, or other countries outside of the European Economic Area or the country where you live. These transfers are necessary to provide our services.

If you are in the European Economic Area, this means that your Personal Data is transferred outside of the EEA.

These transfers are necessary to provide our services, and we utilise standard contract clauses, ensure the entity is Privacy Shield Certified, or rely on the European Commission's adequacy decisions about certain countries (like New Zealand).

For further information please contact us at

Does Figured perform high-risk processing?

Following an assessment of our data processing activities both current and planned, we do not perform what would be considered high-risk processing of sensitive data. 

Therefore we have not carried out a Data Protection Impact Assessment as would be required under Article 35 – Data protection impact assessment

This statement will be reviewed quarterly as part of the general review of our GDPR compliance.

Data Retention and Disposal Policy

You can download the latest version of our full Data Retention and Disposal Policy below

Did this answer your question?