Where is your data stored?

For storing your data, we use two service providers.

Amazon Web Service RDS

You can read about AWS's GDPR compliance at their website here.
We use AWS to collect:

  • Name
  • Email address
  • Job title
  • Location
  • User generated transactional data
     

MongoDB Atlas

You can read about MongoDB Atlas's GDPR compliance at their website here.
We use MongoDB to collect:

  • User generated transactional data
  • Xero data (invoices, bank transactions, chart of accounts)

Is data transferred out of the EU?

We share data both internally within the Figured group, and externally with our partners and with those you direct us to as described in this Notice. 

When we do this your Personal Data may be transferred, stored or processed in the United States where our data hosting provider's servers are located, or other countries outside of the European Economic Area or the country where you live. These transfers are necessary to provide our services. 

If you are in the European Economic Area, this means that your Personal Data is transferred outside of the EEA. 

These transfers are necessary to provide our services, and we utilise standard contract clauses, ensure the entity is Privacy Shield Certified, or rely on the European Commission's adequacy decisions about certain countries (like New Zealand). 

For further information please contact us at privacy@figured.com.
 

Does Figured perform high-risk processing?

Following an assessment of our data processing activities both current and planned, we do not perform what would be considered high-risk processing of sensitive data. 

And therefore we have not carried out a Data Protection Impact Assessment as would be required under Article 35 – Data protection impact assessment

This statement will be reviewed quarterly as part of the general review of our GDPR compliance.

 

Did this answer your question?