At Valla, we are serious about taking care of your data, and complying with the General Data Protection Regulation (GDPR).
All of our data is held on EU based cloud data centres.
Of course, you own your data. You can export your data, files and attachments in Valla at any time by emailing us at [email protected] and we can provide a zipped file with exported data within 7 working days.
In addition, if you would like to delete your account, please email us at [email protected] with your email address to let us know this (in the future, we aim to make this available as part of the app so that you can delete your account without notifying us).
If you would like to know what data we hold on you, and also how we use that data, please refer to our cookie policy and privacy policy.
We’ve embedded security into our technology and our processes. We understand that your employment law case is a private, personal matter and we really care about supporting you and giving you somewhere safe and confidential to manage your case.
Valla encrypts any information stored on your behalf, including data in the database and any files you upload, using 256-bit AES encryption.
We also have an audit log of any access to our systems. This means that we can trace back any malicious attempts on our servers early.
We are bound by the UK’s Data Protection Act 2018 (DPA 2018) and the UK General Data Protection Regulation (UK GDPR) and fully respect the rights of individuals in compliance with the EU GDPR. Valla does not sell, rent or share data with any third parties.
All information that passes between Valla and your computer is securely encrypted over HTTPS using TLS v1.2, according to industry standard best practice. The strongest encryption algorithms (SHA 256) afforded by your browser are prioritised. You can confirm the security of the connection between Valla and your computer by reviewing the padlock icon in your browser’s address bar.
Our customers’ information is held securely in data centres located in Ireland. These data centres meet the strictest security standards, including ISO 27001, 27017 and 27018 certification, and comply with the EU General Data Protection Regulation (GDPR).
However, we do utilise some third parties that help provide our services. We ensure that the security measures in place at those third parties have, at the very least, the same high security standards that we employ.
Our back-end systems are only accessible by a small number of our technical staff and only on a “need-to-know” basis. We will only access your data if absolutely necessary to provide you with support.
At times, we might contact you for user research purposes. During those times, if we need to access your data, we will explicitly ask for permission to do so during our communications.
You have your own personal account at Valla, and we make sure that your data is secure and can only be accessed by you, and anyone you’ve chosen to share your case with. You have control over who your data is shared with - only you can add or remove team members for your case.
We take the security of customer data very seriously and treat our users’ information in line with the highest standards.
As well as having a highly available, fault-tolerant database underpinning the application, Valla also has a secured daily snapshots of data are available should they ever be required. These technical and organisational measures help ensure the confidentiality, integrity and availability of your data at all times.
