Training Hub
  • Welcome to Training Hub
  • GUIDES
    • Getting Started
    • The Verification Journey
    • Reviewing results
    • Applications
      • Creating a New Applications
      • Managing Applications
      • Reviewing Individuals
      • Understanding Customer Reports
    • Screening
      • Creating Individual Check
        • Reviewing Individuals Check
      • Creating Company Check
        • Reviewing Company Check
    • Monitoring
      • Creating a Monitoring Records
      • Managing the Monitoring Dashboard
      • Monitoring Records of Individuals
    • Account Settings
      • General
        • Company Details
        • Branding
        • Managing Users
        • Billing Details
        • Consultants
        • Data Retention
      • Application
        • Managing Application Types
        • Screening Preferences
        • Source of funds
        • Additional document
        • Forms
    • Help/ Support
    • My Profile
  • Service Information
    • What is Verify by Tiller
      • The Verify Portal
      • The Verify Mobile App
    • The Checks
      • Personal Details Capture
      • Identity Document, Biometric Face Match and Liveness
      • International Address Verification
      • PEP & Sanction Screening
      • Adverse Media Screening
      • Proof of Address Upload
      • Geolocation Check
      • Upload Documents
      • Source of Funds
      • UK Bank Account Check
    • Data Collection and Storage
    • Security, business continuity and incident reporting
  • Country Coverage Match Rates
  • Help & Support
    • FAQS
      • General Information
      • Using Verify by Tiller
      • Data Security and Privacy
      • Billing and Account Management
    • Support & Training
    • Documents and materials
    • Release Notes
Powered by GitBook
On this page
  • Data Storage & Control
  • PDF Report
  • 3rd Party Services
  • Security Testing
  1. Service Information

Data Collection and Storage

PreviousUK Bank Account CheckNextSecurity, business continuity and incident reporting

Last updated 1 year ago

Data Storage & Control

All data is stored encrypted in either our primary Microsoft Azure Datacentre in Dublin, Ireland or our secondary geo-redundant Microsoft Azure Datacentre in Amsterdam, Holland. No data is stored on the end-user mobile device.

All data either at rest or in transit is encrypted. At rest, data is encrypted using Transparent data encrypted (TDE) using key based AES 256 algorithm. In transit, all connection use Transport Layer Security (TLS v 1.2 or greater).

All data access is governed by role-based access control following our ‘Least Privilege’ Access Control governance policy.

Physical access control at Azure Datacentres meets or exceeds Tier 4 standards and meets all ISO 27001, HIPAA, FedRAMP, SOC 1, SOC 2, and UK G-Cloud standards.

All Tiller staff undertake full background check screening before employment and are required to undertake security awareness training every 6 months. Access Control policies are followed on any change of employment status to confirm, change, or revoke access rights.

Further information on data security can be found on our website: .

PDF Report

A customer report can be generated for all clients that have been processed. The PDF can be downloaded directly from the browser by an authorised user from the Verify by Tiller Portal. The PDF contains all information captured against the individuals and the detailed output for the verification checks performed.

3rd Party Services

Tiller Technologies shares individual data with 3rd party services to be able to perform verification checks. Agreements are in place with all service providers, and mutual due diligence has been completed. Each company using the Verify by Tiller services will be required to accept Terms and Conditions that stipulate how data is processed. Each end customer will need to accept an End User Terms to use the Verify by Tiller application.

Security Testing

Security is continually tested using an in-house QA (quality assurance) team ensuring the alignment of the services to Tiller Technologies’ data security policies. A full penetration test will be conducted by NCC Group prior to the production launch of the services. This will be conducted at a minimum of once every 12 months.

Further information about data security is found in our Privacy Policy, Terms & Conditions and End User Terms. Tiller Technologies is a Data Processor and will conduct regular DPIAs (Data Protection Impact Assessments) for each new feature developed and deployed.

https://www.tillertech.com/privacy-policy