Data Protection & Privacy

Using Shakes lets you capture personal and business information of your clients. This information is stored securely in a number of ways.

2Shakes – Privacy by Design

2Shakes places the protection of data and the privacy of information as a top priority in the design and operation of our solution. We adhere to the principal of Privacy by Design – which means that Privacy and protection of data were designed into our solution from the beginning rather than added on at the end.

2Shakes was developed to meet the New Zealand Governments strict requirements for Privacy and Security.  This means:

  • NZ Privacy Act requires that you only collect information that you need. When you onboard with 2Shakes the fields and selections you make only ask for required information. We have also designed our sign up process in a way that prevents inadvertent sharing of private information like IR numbers across different signing parties.
  • ACC Privacy Assessment 2Shakes has passed a privacy assessment completed by NZ ACC.  This provides an independent confirmation that we deal with client private information appropriately.
  • DIA 105 Questions 2Shakes has completed NZ Department of Internal Affairs 105 questionnaire on secure cloud computing for government.  This again provides an independent confirmation that we are storing client information safely and securely online.
  • Microsoft Azure 2Shakes cloud software runs across multiple world-class Datacentres in Australia on Microsoft’s enterprise-level Azure platform.  This helps ensure performance, speed, security and high-availability through geo-redundancy. It also means your data is stored in a 5-eyes country outwith the US Patriot Act – and that is good enough for storing NZ government data.

What you can do to improve security

You should ensure you have robust, up-to-date firewalls and anti-virus software installed on your computers. Keep on top of deleting and destroying old client files, purging folders regularly will minimise build-up. In general sensitive data shouldn’t be kept for longer than necessary.

2Shakes provides options you can use to improve the security and privacy of client data:

  • 2 Factor Authentication: 2Shakes allows for 2 Factor Authentication (2FA).  Using 2FA dramatically increases your security and reduces the risk that someone could log on to 2Shakes with your user name and password.  Find out more about 2FA here.
  • Identity Verification: 2Shakes will allow you to confirm the identity of your clients during sign up.  Identity verification (IDV) dramatically increases assurance that the person signing is who they claim to be.  We will allow you to verify the electronically by asking the client to submit credentials online, and then validating them against a trusted source.  Alternatively, you can sign the original document when you meet your client face to face. If you take a photocopy or scan of an identity document we allow for you to upload it to 2Shakes so that the credentials are stored securely in the cloud, rather that having copies of identity papers lying around the office!