top of page

How We Protect Your Data

At QTTS, your privacy isn’t just a checkbox — it’s a mission. With data breaches hitting headlines more often than tax deadlines, we believe that real security starts with not cutting corners.

🔒 Only 17% of small businesses encrypt their data, and 51% have no cybersecurity measures at all.
— ExplodingTopics.com, 2023

Let’s just say… we’re not “most businesses.”

The founder of QTTS managed a computer forensics lab at the CRA — yes, that CRA. With a decade of experience investigating data breaches, insider threats, and digital evidence, we’ve seen firsthand what poor security practices look like — and what they cost. That’s why everything at QTTS is built from the ground up to be airtight, encrypted, and private.

We don’t store your data in the cloud. We don’t take chances. Here’s how we protect you:

🔹 How We Store Your Data

We don’t touch the cloud for storage. Ever.

Your data is stored locally on a secure NAS (Network Attached Storage) housed at QTTS. Here’s what that means:

  • Redundant Backup: The NAS runs with mirrored drives. If one fails, the data is still safe on the other. Once replaced, it rebuilds automatically.

  • BitLocker Encryption: Every drive is encrypted — not just the NAS, but the computer hard drives too.

  • Offline Physical Backup: We go further by maintaining a separate offline backup, also BitLocker encrypted. If a disaster strikes, your data is still safe.

🔹 Transfer & Access – Encrypted. Temporary. Controlled.

When it’s time to send or receive files, we use Sync.com — a Canadian cloud service based in Toronto, known for privacy-first practices and end-to-end encryption. That means:

  • Files don’t leave Canada

  • Upload links expire quickly

  • Signed forms are handled with the same encrypted protocol

  • Once we’ve filed your return, you’ll get 72-hour access to your finalized documents — then, they’re removed.

No lingering files. No permanent cloud storage. No “oops.”

🔹 What Happens to Backups & Old Drives?

When drives get full, we don’t toss them or store them in a shoebox. They’re:

  • Labeled clearly

  • Stored in a fireproof, waterproof safe

  • Retained only as long as required by law

  • Tracked in a destruction schedule so we know exactly when to securely wipe and retire them

🔹 Why This Matters

🧯 54% of companies store financial records in the public cloud, and many of them don’t disclose data breaches to their clients.
— ExplodingTopics & ScienceDirect

That’s terrifying. It’s also standard in the industry — especially with large firms that value volume over client trust. At QTTS, we choose to own our infrastructure, encrypt everything, and be transparent about it.

We don’t gamble with your privacy. That’s our promise.

📎 Sources:

bottom of page