Biscuit Tin is very serious about security

We are acutely aware that you are trusting us with the important and sensitive details of your life. We take that trust seriously and protect your data with industry-leading technology solutions.

Data privacy

The data you store in your Biscuit Tin is completely private and secure. Only you and the people you nominate (your ‘Nominees’) can access the data you save to your Biscuit Tin. Every Nominee you create has to accept the role, verify themselves and register as ‘your nominee’ with their own login details.

Your Nominees will only get the right to access your data if you set your permissions to allow them access or in the event of the registration and verification of your death.

Two Factor Authentication

Whenever you or any of your Nominees sign in to your Biscuit Tin, we will send a unique code to the registered mobile phone or email address, and that code must be entered as part of the login process. This additional layer of security means that even in the unlikely event that someone got hold of a password, they still wouldn’t be able to access your data.

Encrypted data

All data that you store on your Biscuit Tin is encrypted. This means that your data is secret and can only be decrypted by you or your nominee(s) via an authenticated login. Even in the unlikely event that someone did unlawfully compromise the systems where your data is stored, they would not be able to decrypt your data to make any sense of it.

Communication security

All communications between you and Biscuit Tin are secured using Secure Sockets Layer (SSL). SSL is used to keep sensitive information sent across the Internet encrypted so that only the intended recipient can access it. When an SSL certificate is used, the information becomes unreadable to everyone except the server you are sending the information to. SSL certificates are in place across all of our website and Biscuit Tin application communications.

The part you play in Security

Biscuit Tin has taken multiple precautions to secure your data for you, but you are also a key link in the chain of security. Choose a strong password, don’t store it publicly on your mobile phone and never share your password with anyone. You can choose to share specific parts of your data with your Nominees in a secure and fully authenticated way using the Nominee function within your Biscuit Tin.

What can we do with the data you upload?

Nothing, nil, zilch… except pass it on to those you have nominated when you die! No one at Biscuit Tin has standard access to the data you store. The only times we would be forced to intervene and access your data are specific circumstances such as legal disputes or misuse of the account outside the terms of use. Even in these special circumstances, there are formally audited procedures that would track and record this special access to your data.

A fully audited trail of all access to your Biscuit Tin is recorded at all times, whether that access is by you, your Nominees or our administrators under those special circumstances. In the event of your death, alongside sharing your Biscuit Tin with your Nominees as you directed, we also archive a full copy of your encrypted Biscuit Tin, which has to be kept for 180 days. This is just in case anything exceptional happens and legal issues arise with your wishes. All your Biscuit Tin data is then archived and finally deleted in full as per our Privacy Policy.

Site Security

Biscuit Tin follows good industry practices to keep your data secure. Our environments and code are tested and audited regularly against a multitude of good practice security criteria. We also consult and take counsel from national security experts who test and verify the security of our site.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. Please see our Privacy Policy for details of how we process your data according to this law.

Information Commissioner's Office (ICO)

The Information Commissioner is the UK's independent data protection regulator. It places a duty on data controllers to notify the Commissioner as well as individuals concerned of any data breaches that could risk affecting individuals.

Our company, Biscuit Tin Planning Ltd, is officially registered with the Information Commissioner's Office (ICO).

