GDPR and Tonic Products

With GDPR just around the corner, we've put together this F.A.Q to clarify some points from a Tonic perspective.

The important thing to remember is GDPR is mainly focused on data accessibility and while we provide the system to you we have no say on how you actually use it (e.g. staff logins, access to reporting, data security policy etc). So please feel free to come to us if you would like any further data protection features created or activated.

  1. Where's the data located: Tonic CRM products data is located securely within the cloud in the EU including both local and remote backups. Each client has 1 physical server that contains their active installation and these are compartmentalised from any other Tonic installation. Each server has a dedicated Firewall, IDS and DDoS mitigation system.
  2. Who can access the system: Anyone with a Tonic CRM username or password can access the system, clients also have the opportunity to whitelist the system to specific IP's on request ensuring that remote access is forbidden. Access can be revoked at any time either on a User, Introducer or IP basis
  3. Who can see customer data: Tonic has 3 distinct user account levels these have varying access permissions but a basic user has absolutely no reporting access, this is split further by "introducer" access which limits suppliers access to only information they themselves have provided.
  4. What is logged: User login dates/times and locations are logged by default, changes to accounts are logged and clients have the option to request that we turn on user activity logging in the form of page activity, accounts viewed and logout times as well, however, this is disabled by default.
  5. Anything else; Tonic is a bespoke system so other changes have also been requested by clients such as PCI compliance logging, account detailed changelogs and data obfuscation for example.
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Usernames

Once usernames for staff/introducers have been created they are fixed. To get around this you can...

Uploading Documents to Tonic

There are three ways to get documents onto tonic: Manual uploads: Go to the customer’s...

Reports

How to Generate Reports for Claims and Clients:- For claims, use the "Custom report" deselect...

Viewing Documents on Tonic

When trying to view documents on Tonic, make sure the popup blocker is set for the exception of...

Adding a Logo or other Image to custom letters or e-mails

You can upload a logo or other image to a service like www.postimg.org then you can follow the...