As mobile employees travel the world, they expect support from their employer, including safeguarding their personal and confidential information. As a global mobility tax provider, it is GTN's responsibility to handle your data securely. Thus, we make it our priority to protect the personal data you and your mobile employees provide for completion of tax services.
Here are specific examples regarding how GTN helps protect your data:
- GTN is in compliance with the EU-US Privacy Shield and Swiss-US Privacy Shield Frameworks. GTN is on the authoritative Privacy Shield list that is maintained by the US Department of Commerce and is made available to the public on their website located here: https://www.privacyshield.gov.
- We partner with VeraSafe, a well-established and respected organization to ensure we are up to date on global data security matters (e.g., General Data Protection Regulation (GDPR) readiness) and that our web based tools are secure.
- We monitor updates to laws as well as guidance issued by authorities and subject matter experts to confirm our data processing activities are fully compliant with applicable privacy laws. At times, this entails updating our policies and agreements with third parties (e.g., our Data Processing Addendums were updated to enable us to lawfully and safely transfer personal data outside of the European Union (EU) following the decision of the Court of Justice of the EU in the 2020 "Schrems II" case).
- GTN completes an annual SOC 2 Type 2 audit and the most recent audit report is available by contacting firstname.lastname@example.org.
- To provide additional, high level security, we have implemented the Cisco Next Gen Firewall Data Loss Prevention, anti-malware, and Intrusion Protection System tools; Two-Factor Authentication within our Citrix environment, and machine level certs for all VPN access into our network.
- Our third-party security consultant completes annual internal, external, and application level vulnerability and penetration assessments. Our consultant also conducts external vulnerability scans on a monthly basis.
- GTN utilizes the SPAM and Virus protection services from Mimecast along with our Office 365 to scan all incoming emails. Mimecast uses an advanced "Threat Emulation" technology for both file attachments and URL links that is designed to prevent new or known viruses from reaching our servers.
- GTN has formal policies and procedures in place related to: Risk Assessment, Incident Response, Business Continuity, Vendor Management, Technical Control, End User Security, Acceptable Use, Data Security, Personal Data Standards, Bring Your Own Device, and Shredding / Destruction.
If you have any questions about this, please write to us by email at email@example.com.
Want an easy to use questionnaire to review the data privacy and security processes for your current mobility tax services provider? Click on the link below to learn more:
Follow the links below to view more information regarding Data Privacy and Security at GTN.
For more information regarding the GTN Privacy Polices click here.