befree is committed to ensure the safekeeping and collection of personal information. Collection of Personal Information befree does not contact your clients directly or indirectly. Any client information is collected via the Accounting or Financial services firm. The information we are provided include:
befree provides the following types of services:
The collection and use of personal information is only to facilitate one or all of the above services to your firm as requested by you. befree only uses personal information for the purpose(s) for which it was given to us and for directly related purposes (unless otherwise required by or authorised by law) or as consented to by you or your firm.
befree will only provide the information to their staff that relate specifically to the jobs requested by your firm. The information will not be provided or sold to other institutions. If there is a legal situation, the information may be provided in accordance to the law.
befree stores all the data electronically on secure servers. Our servers are located in Amazon data centres having globally hosted at sites in the United Kingdom. We have taken the necessary measures to ensure our data integrity is not compromised. The data is stored for 10 years for compliance, auditing purposes and removed thereafter.
Our secure delivery centre is equipped with the latest technology, infrastructure and dedicated technical staff to ensure our working environment has complete reliability and security for our clients’ data. Our group companies are ISO certified, this means our offices and systems are on par with international best practice for information security management.
We do not use third party contractors to complete any work. Biometric scanners and access cards are required to enter our offices. Only authorised personnel are allowed to enter the office and processing centre. Physical documents, books and other devices are prohibited in the processing centre.
The entire office is monitored by CCTV. All PC’s are desktops running a ‘dumb terminal system’. Ability to save and store data on the PC is disabled. CD Rom and other drives (USB) have been removed. Access to physical/removable drives (external hard drives) have been disabled. Printers and scanners are also not available within the processing centre. Staff are required to keep personal belongings including bags, books or mobile devices in secure lockers provided outside the main processing centre.
Internet activity is heavily controlled with websites required to be added to a “whitelist” before they can be accessed. Staff are unable to access personal emails from the office and work emails are unable to send data outside the office.
Our intranet, internal portals, software and sites have IP Authentication in place so that no one can access these records outside our office premises. Access to our internal software is password protected with strength measurement. Passwords are also required to be updated on a regular basis. All terminals include screen snapshots and are regularly audited to ensure staff are following security guidelines. All our terminals and servers are installed with firewalls, antivirus software, intrusion detection software and prevention systems to minimise any exploits or attacks. Our security software is kept updated at all times and when required. All PC’s within our organisation have an auto-lock feature to ensure PC’s are not kept unlocked. Wireless connections are prohibited within our back-office in India.
Your firm and staff can access the personal information that you provide. befree will take the necessary steps to identify that you are a client of befree before they provide the information to you.