Skip to main content
Finpliq
Start free
← Trust Centre

Policy library

Policies are grouped by governance area and written in two layers: an at-a-glance summary for business owners and a full policy for assurance reviews.

SecurityPrivacyInfrastructureEngineeringResponsible AIComplianceLegal

Security

Information Security Policy

How Finpliq protects business, bookkeeping, payroll and tax records using secure access, encryption, logging and operational controls.

Last reviewed: 8 July 2026

Security

Secure Software Development Policy

How Finpliq should be developed, reviewed, tested and released without weakening authentication, authorisation, tenant isolation or filing workflows.

Last reviewed: 8 July 2026

Security

Access Control Policy

How Finpliq controls access to user accounts, businesses, admin areas and sensitive filing functions.

Last reviewed: 8 July 2026

Privacy

Privacy Policy

How Finpliq processes account, business, bookkeeping, payroll, tax, support and website data.

Last reviewed: 8 July 2026

Privacy

Cookie Policy

How Finpliq uses essential cookies and any configured analytics or marketing cookies.

Last reviewed: 8 July 2026

Privacy

Data Processing Agreement

Controller/processor terms for businesses using Finpliq to manage records containing personal data.

Last reviewed: 8 July 2026

Privacy

Data Retention Policy

How Finpliq retains and deletes business, accounting, tax, support and security records.

Last reviewed: 8 July 2026

Infrastructure

Backup & Disaster Recovery Policy

How Finpliq plans for service continuity, recovery and data restoration.

Last reviewed: 8 July 2026

Security

Vulnerability Management Policy

How Finpliq identifies, triages, fixes and records security weaknesses.

Last reviewed: 8 July 2026

Security

Incident Response Policy

How Finpliq identifies, responds to and communicates security incidents.

Last reviewed: 8 July 2026

Infrastructure

Business Continuity Policy

How Finpliq keeps essential service operations available during disruption.

Last reviewed: 8 July 2026

Security

Encryption Policy

How Finpliq protects sensitive records, secrets, tokens and credentials.

Last reviewed: 8 July 2026

Security

Logging & Monitoring Policy

How Finpliq records important activity without exposing sensitive data.

Last reviewed: 8 July 2026

Infrastructure

Third-Party Supplier Policy

How Finpliq manages suppliers such as hosting, email, payments, HMRC APIs and analytics where configured.

Last reviewed: 8 July 2026

Engineering

Secure Deployment Policy

How Finpliq should be deployed safely without breaking migrations, authentication, billing or filing workflows.

Last reviewed: 8 July 2026

Responsible AI

Responsible AI Policy

How Finpliq uses Smart Bookkeeper assistance as suggestions, not automatic professional judgement or automatic filing.

Last reviewed: 8 July 2026

Compliance

HMRC Filing Policy

How Finpliq handles supported HMRC workflows, validation, approval, submission evidence and correction routes.

Last reviewed: 8 July 2026

Compliance

Financial Data Import Policy

How Finpliq handles manual statement imports, CSV/Excel/PDF uploads, receipt uploads and user-controlled categorisation.

Last reviewed: 8 July 2026

Security

Vulnerability Disclosure Policy

How security researchers and users can report vulnerabilities safely and responsibly.

Last reviewed: 8 July 2026

Infrastructure

Availability & Support Policy

How Finpliq communicates support, maintenance and availability expectations.

Last reviewed: 8 July 2026

Legal

Acceptable Use Policy

How Finpliq must be used lawfully and safely.

Last reviewed: 8 July 2026