- Where is the data stored? Can you confirm that all data is stored within Canada?
The data is stored on Microsoft Azure Data Centers hosted in Canada. Specifically, Azure Canada Central and East. - Does my data ever cross Canadian borders?
No, all data is hosted on Azure cloud services within Canada. - Will we be notified if a breach occurs?
Yes, all relevant stakeholders would be notified if a data breach occurs. - What kind of security certifications do we have? Does it meet the criteria for protected B data?
Information Security processes within BDO are governed by the Information Security Management System ISO/IEC 27001:2022. - How long does BDO keep my data?
Data retention periods are governed by the legal and jurisdiction requirements. However, once a user is offboarded, their personal data is removed. Email addresses are kept in the system for logging purposes. - Is there security around logging in?
The BDO Client Portal is based on Microsoft SharePoint and follows Microsoft's security protocols. - Is my data encrypted?
Yes, the data is encrypted with TLS 1.2 for data in transit and AES256 for data at rest. - Who has access to my data?
From the application point of view, only invited users have access to the data in the BDO Portal via the BDO Portal web application. Access is granted only if the user specifically been assigned with the appropriate role within the BDO Portal application. - What is BDO's privacy policy?
BDO's privacy policy can be accessed by visiting BDO Privacy Policy. - How is access to BDO applications controlled
BDO staff will invite clients to a specific project. Access to that specific project is visible in the 'Team Member' section on the dashboard. Portal admins are designated and can add and remove users from that project.
Home
-
What we do
-
Who we serve
-
Our insights
- Who we are