Policy library
Policies are grouped by governance area and written in two layers: an at-a-glance summary for business owners and a full policy for assurance reviews.
Security
Information Security Policy
How Finpliq protects business, bookkeeping, payroll and tax records using secure access, encryption, logging and operational controls.
Last reviewed: 8 July 2026
Security
Secure Software Development Policy
How Finpliq should be developed, reviewed, tested and released without weakening authentication, authorisation, tenant isolation or filing workflows.
Last reviewed: 8 July 2026
Security
Access Control Policy
How Finpliq controls access to user accounts, businesses, admin areas and sensitive filing functions.
Last reviewed: 8 July 2026
Privacy
Privacy Policy
How Finpliq processes account, business, bookkeeping, payroll, tax, support and website data.
Last reviewed: 8 July 2026
Privacy
Cookie Policy
How Finpliq uses essential cookies and any configured analytics or marketing cookies.
Last reviewed: 8 July 2026
Privacy
Data Processing Agreement
Controller/processor terms for businesses using Finpliq to manage records containing personal data.
Last reviewed: 8 July 2026
Privacy
Data Retention Policy
How Finpliq retains and deletes business, accounting, tax, support and security records.
Last reviewed: 8 July 2026
Infrastructure
Backup & Disaster Recovery Policy
How Finpliq plans for service continuity, recovery and data restoration.
Last reviewed: 8 July 2026
Security
Vulnerability Management Policy
How Finpliq identifies, triages, fixes and records security weaknesses.
Last reviewed: 8 July 2026
Security
Incident Response Policy
How Finpliq identifies, responds to and communicates security incidents.
Last reviewed: 8 July 2026
Infrastructure
Business Continuity Policy
How Finpliq keeps essential service operations available during disruption.
Last reviewed: 8 July 2026
Security
Encryption Policy
How Finpliq protects sensitive records, secrets, tokens and credentials.
Last reviewed: 8 July 2026
Security
Logging & Monitoring Policy
How Finpliq records important activity without exposing sensitive data.
Last reviewed: 8 July 2026
Infrastructure
Third-Party Supplier Policy
How Finpliq manages suppliers such as hosting, email, payments, HMRC APIs and analytics where configured.
Last reviewed: 8 July 2026
Engineering
Secure Deployment Policy
How Finpliq should be deployed safely without breaking migrations, authentication, billing or filing workflows.
Last reviewed: 8 July 2026
Responsible AI
Responsible AI Policy
How Finpliq uses Smart Bookkeeper assistance as suggestions, not automatic professional judgement or automatic filing.
Last reviewed: 8 July 2026
Compliance
HMRC Filing Policy
How Finpliq handles supported HMRC workflows, validation, approval, submission evidence and correction routes.
Last reviewed: 8 July 2026
Compliance
Financial Data Import Policy
How Finpliq handles manual statement imports, CSV/Excel/PDF uploads, receipt uploads and user-controlled categorisation.
Last reviewed: 8 July 2026
Security
Vulnerability Disclosure Policy
How security researchers and users can report vulnerabilities safely and responsibly.
Last reviewed: 8 July 2026
Infrastructure
Availability & Support Policy
How Finpliq communicates support, maintenance and availability expectations.
Last reviewed: 8 July 2026
Legal
Acceptable Use Policy
How Finpliq must be used lawfully and safely.
Last reviewed: 8 July 2026