We continually assess what personal information we process and how we store it, both on our own websites and those of our clients.
We only collect and store the the minimum information required to interact with our clients, and for people to be able to use online services that we provide: Name, Email address and Mobile number.
This information comes from the people it relates to - proved during a registration procedure.
We do not share information with anyone.
We only the information to communicate with our clients, and to enable our registration and sign-in system.
Our DPO can be contacted at email@example.com
I order to minimise risks associated with collecting and storing personal information, we use the most secure transmission and encryption methods available to us.
Protecting data is key in all areas of our work: data architecture, encryption, storage and back-up processes, as well as the development and implementation of code that processes data.
Individuals have the right to obtain:
confirmation that their data is being processed;
access to their personal data;
Individuals can usually check that their data is being processed and access it by using a sign-in procedure.
We aim to respond to any requests for further information within 24 hours.
Individuals can usually remove their information by signing in to their account.
Individuals can also submit a request by email to have their data emended or removed.
All access to the hardware we use and our network is strictly controlled.
Any and all data and/or code transferred between our development environments and a data centre, or between data centres, are encrypted. We store 'hashes' instead of passwords, to negate any associated, and we store email addresses using strong encryption methods.
We do not use third party code to handle data, and do not allow open source code with potential security vunerablilites e.g. Word Press, et al, on our systems.