Enterprise-Grade Security
for Your Daywork Data
Your billing records, client signatures, and business data are protected by industry-leading security standards. Here's exactly how.
Your billing records, client signatures, and business data are protected by industry-leading security standards. Here's exactly how.
Six layers of security working together to keep your daywork records safe, private, and always available.
End-to-End Encryption
All data in transit and at rest is encrypted using AES-256 and TLS 1.3. Your daywork records and billing data are protected at every layer.
SOC 2 Compliance
We follow SOC 2 Type II security principles across availability, confidentiality, and processing integrity. Regular audits keep us accountable.
Automated Backups
Your data is backed up daily with point-in-time recovery. Redundant storage across multiple availability zones ensures nothing is ever lost.
Access Controls
Role-based permissions let you control exactly who sees what. Admins, supervisors, and field staff each get the right level of access.
24/7 Monitoring
Automated intrusion detection and anomaly monitoring runs continuously. Our security team is alerted to any suspicious activity in real time.
Australian Data Residency
All customer data is stored on Australian servers. We comply with Australian Privacy Principles and applicable state data sovereignty requirements.
Our infrastructure and processes are audited against SOC 2 Trust Service Criteria. Security, availability, and confidentiality are formally assessed by independent auditors.
We comply fully with the Privacy Act 1988 and the Australian Privacy Principles. Your data is never sold, shared, or used for purposes beyond operating the platform.
Penetration testing, vulnerability scanning, and security reviews are conducted regularly by independent security specialists to identify and address risks proactively.
DATA OWNERSHIP
You own your data — always. We never claim rights over your daywork records, billing data, or business information.
DATA RETENTION
Your data is retained for as long as your subscription is active. On cancellation, you can export everything before deletion.
SECURE DEVELOPMENT
All code changes go through peer review, automated security testing, and staged deployments. Vulnerabilities are patched within defined SLA windows.
EMPLOYEE ACCESS
Access to production data is restricted to authorised personnel only, with full audit logs. No ad-hoc access without a formal approval process.
INCIDENT RESPONSE
We have a documented incident response plan. In the event of a breach, affected customers are notified within 72 hours as required by the Notifiable Data Breaches scheme.
THIRD-PARTY SECURITY
All third-party integrations and sub-processors are vetted for security compliance. We only partner with services that meet our data protection standards.
Have a specific security question?
Contact supportAll customer data is stored on Australian servers hosted on AWS ap-southeast-2 (Sydney). We do not transfer data outside of Australia without your explicit consent.
Only you and the team members you authorise can access your account data. Dayworkbook staff access is restricted, logged, and requires formal approval for any production data access.
Your data is backed up daily with point-in-time recovery up to 30 days. Backups are stored in geographically separate availability zones so a single failure cannot cause data loss.
You retain full access to export your data for 30 days after cancellation. After that window, data is securely deleted from our systems in accordance with our retention policy.
Yes. We comply fully with the Privacy Act 1988 and the Australian Privacy Principles. We are also registered under the Notifiable Data Breaches scheme with the OAIC.
Start with 5 free sheets and see how Dayworkbook transforms your daywork workflow.
Start free with the confidence that your daywork records, signatures, and billing data are protected to the highest standard.