Certificates

As a trusted Nordic fintech company, we always make sure that we have the right certifications.

Certificate

ISAE 3402 Type 2

ISAE 3402 is developed to provide an international assurance standard for allowing public accountants to issue a report for use by user organizations and their auditors (user auditors) on the controls at a service organization that are likely to impact or be a part of the user organization’s system of internal control over financial reporting.

Certificate

ISO 27001:2013

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.

Certificate

ISO 27701:2019

This document specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management within the context of the organization.

Questions for Kaunt's processing of personal data

As a part of delivering Kaunt's automation, Kaunt processes personal data. Kaunt is responsible for the data, when personal data regarding contact people is processed – for example in the sales process. And Kaunt is data processor when the Kaunt Automation SaaS solution is delivered.

Kaunt is data processor as the customer’s supplier invoices may contain personal data.

 

The supplier invoices can be very different, depending on the organization’s activities. The invoices may contain personal data like name and contact information, information regarding a one-man business or such, or it can be special personal data like social security number or health information etc.

 

A high level of security is always provided.

Yes, Kaunt uses a standard data processing agreement, based on The Danish Data Protection Agency’s template.

Yes, Kaunt uses State-of-the-art encryption on the transport layer and when storing data.

 

Kaunt uses AES 256 standard encryption. The AES encryption key is encrypted with RSA2048.

ECIT Solutions A/S in Viby J. Denmark and Microsoft Azure in Datacenter Western Europe is hosting Kaunt’s data.

 

All data is stored within EU/EEA.

As Kaunt uses Microsoft Azure, a transfer of personal data to insecure third countries will in legal terms take place. This is for example, when an se-access is given to employees outside of EU/EEA for support and maintenance of Microsoft’s solution.

 

The basis of transfer is Standard Contractual Clauses (SCC) and in extension Kaunt has implemented further technical and contractual initiatives.

 

Read more about the basis of transfer and the Data Protection Addendum here.

 

To ensure, that no unintentional access to data is given outside of EU a HSM Azure Key Vault is used to store encryption keys. Encryption keys are stored in FIPS 140-2 Level 2 and Level 3 validated hardware security modules (HSMs).

 

Moreover, Kaunt’s data processing agreement include further contractual provisions, as recommended by the European Data Protection Board. You can read the recommendations here.

Kaunt follows a risk based approach to information security and data protection. As a part of this, Kaunt is ISO/IEC 27001 and 27701 certified.

 

You can find Kaunts certifications here.

On a yearly basis Kaunt complete a ISAE3402 type 2 report with an extension on personal data.

 

The Report is available and can be downloaded here.

 

You can find a SOC 2 report for Microsoft Azure here.

 

You can find a ISAE3402 type report for ECIT Solutions A/S here.

Yes, Kaunt has an assigned Data Protection Officer who can be contacted for any questions regarding information security and/or processing of personal data.

 

Kaunt’s Data Protection Officer is:

 

Marie Martens Lawsen

M: dpo@kaunt.com

P: 0045 92 44 32 18

Automate your
Account Coding

Automate your accounting with artificial intelligence. Fill the form and one of our AI experts will contact you and give you a live review of how your Accounts Payable processes can be automated.

 

  • Talk to an expert that focus on where you are and which systems you use
  • Save time on examinations and tests
  • Gain insight into the pricing model and hear about your benefits