At Spherics we use accounting data to build carbon footprints for businesses. We recognise that because of this, many customers have valid concerns about data security and privacy. That’s why we align with the best industry standards and guidance.
We only store accounting data, which is expenditure data based on your recorded transactions
We do not store any of your financial data, which includes bank card details or other sensitive financial information which could be used to make purchases
We never store your user password in plaintext.
We use the Argon2 password hashing algorithm to hash your password which means that in the event of a data breach, your password is safe.
We have strong password policies to ensure access to cloud services is protected.
Our database is not internet facing and therefore cannot be the target of a cyber attack. Access to the database is strictly controlled and only accessible via a company VPN.
All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests getting to our internal network.
Spherics is served 100% over Hypertext Transfer Protocol Secure (https).
Access to customer data is limited to authorized employees who require it for their job.
Spherics runs a zero-trust corporate network. There are no corporate resources or additional privileges from being on Spherics’ network.
We follow the National Cyber Security Centre guidance and are working towards Cyber Essentials certification.