Trust and Compliance

SOC2 and GDPR

Written by Julie Zehntner
Updated over 3 weeks ago

Summary

Welcome to our Trust Center FAQ page. Here, we answer the most common questions about our security, compliance, and privacy policies.


Q. Where can I find information regarding privacy, data collection, and jurisdictions covered?

  • All information can be found via our log-in page and on the Accoil Website.

Accoil Privacy policy


Q. Is Accoil Analytics compliant with data privacy regulations?

  • Yes, Accoil is SOC2 and GDPR compliant.


Q. Are audits or certifications available to demonstrate compliance?

  • Certification and attestations can be found on our website: https://www.accoil.com/

  • Full reports are available on request and are subject to approval.


Q. What security measures do you have in place to protect my data?

  • Accoil employs a variety of measures and controls to protect data, including encryption, access controls, firewalls, and security monitoring.

  • Further details can be found in the Trust Centre on the Accoil Website.


Q. How do I request removal of my data?


For Data Subject Access Requests (DSARs) under GDPR (EU/UK):

DataRep, The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland

  • To raise a question to Accoil Pty Ltd, or otherwise exercise your rights in respect of your personal data, you may do so by:

    • sending an email to DataRep at [email protected], quoting "Data Subject Access Requests" in the subject line,

    • contacting us on our online webform at www.datarep.com/data-request, or

    • mailing your inquiry to DataRep at the above address.

For all other jurisdictions or queries:


Q. How can I contact your security or compliance team for more information?


Q. How often do you conduct security audits and penetration testing?

  • We will conduct regular audits to assess our compliance with this policy and applicable privacy regulations. Audits may be conducted internally and by an external auditor.


Q. What happens in case of a data breach?

Describe your incident response plan, customer notification process, and security reporting procedures.


Q. How do you handle third-party vendors and sub-processors?

Explain how you vet, monitor, and contractually require compliance from third-party providers.

  • By providing us with personal information, you consent to the disclosure of your personal information to third parties who reside outside Australia and, if you are a European Union (EU) citizen, to third parties that reside outside the EU. Where the disclosure of your personal information is solely subject to Australian privacy laws (and not subject to the GDPR), you acknowledge that we are not required to ensure that those third parties comply with Australian privacy laws.


Q. How do you ensure employee security awareness and compliance?

  • All employees are required to complete security awareness and privacy practices training annually.

  • Training includes, but is not limited to:

    • Identifying personal information.

    • Understanding the legal requirements for handling personal information.

    • Securely collecting, storing, and disposing of personal information.
