Data Protection Statement
(Published May 10, 2018)
What personal information we need and why
We may collect and process the following examples of personal information.
- Your name
- Your title
- Contact information (ex: address, tel, email address)
- Billing information (payment method, billing address)
We use this information to:
- Properly identity your account and you as the proper account holder.
- Invoice your account for monthly subscription fees.
- Contact you in the event of an outage, security breach, or notify you of other issues related to your service or data.
- Monitor access and security of your account.
- Comply with legal and regulatory obligations.
Data we collect as part of your portal services
In order to carry out the functionality of the GoToMyAcocunts service, we sync and store certain metadata on your behalf. We store the following types of information as part of the service:
- Transactional data
- Credit Memos
- Sales Receipts
- Sales Orders
- Account Notes
- Other financial metadata
- Account names (general ledger)
- Customer name, address, phone, email, account balance
- Vendor names, address, phone, email
- Items/Services list
- Pricing data
- Classifications of entities, lists, transactions
- Processing Data
- Customer email log (log of email notifications sent to customers)
- Payment gateway log (log of data transmitted to and from payment processors)
- User login history (staff and customer login time)
We use this information to:
- Carry out the processing and functionality of the GoToMyAccounts portal service.
- Automate and initiate payments on behalf of customers.
- Send email notifications to staff and customer users.
- Monitor services and ensure the security of the platform.
- Detect intrusions, multiple failed login attempts, and unusual activity that may cause us to take additional actions to stop or mitigate a vulnerability.
- Provide customer support to our users.
Protecting your information
We take the following technical and organization measures to protect your information.
- Personal data will be processed fairly and lawfully.
- Personal data will be obtained only for one or more specified and lawful purpose and will not be processed in a manner that is not compatible with that purpose.
- Personal data will be adequate, relevant and not excessive in relation to the
purpose(s) for which they are processed.
- Personal data will be accurate and where necessary, kept up to date.
- Personal data will not be kept for longer than is necessary.
- Appropriate technical and organisational measures are in place to protect
personal data from unauthorised or unlawful processing and from accidental
loss, damage or destruction.
Access to your personal information or data
GoToMyAccounts may access data or personal information in the course of delivering support to our users. We will only access the data to the extent as required to handle or address the support request.
Sharing your personal information
We will only share your personal information when it is required by law or we are required to do so in order to remain in compliance with legal or regulatory obligations.
If we receive such a request or are otherwise required to share your personal information, we will notify you within 48 hours.
Our website and web applications utilize cookies in order to initialize and maintain a secure session within the application or website. The cookie data typically consists of a token which is passed securely to our web servers. Our web servers can then authenticate your request as being from your browser and that your session is valid. Your session token is issued only after you have securely authenticated with our service.
We retain session data for 90 days and solely for the ability to analyze system metrics, detect intrusion attempts, and otherwise monitor our systems.
Request to delete/remove your data
When you request to cancel your account, we will confirm the request with the account holder. Upon confirmation, we will remove all data (including personal information) from our servers. The exception to this policy is if a user specifically requests that we retain data for a period of time while their account is in a “paused” state.
Requests for “copy of data”
GoToMyAccounts does not store data that exists external to our customers’ systems. We only sync metadata from existing systems. Thus, we do not possess any data that our customers do not already have. GoToMyAccounts is NOT a backup service for accounting data. The data we store is metadata only for the purpose of indexing and processing requests more quickly than pulling a full request from the source.
Note for users in the EU:
If you wish to have the ability to pull this metadata, we can do this as a special request. There is a fee for this service of $75 USD. If you are not okay with this arrangement and you reside in the EU, please do not register for the GoToMyAccounts service. As stated above, we are NOT a data backup service.