Data Protection Policy

General Security:

Ensure that all confidential paper waste to be shredded daily.

No personal data to be given out over the phone or in writing without permission and confirming the identity of the requester.

No discussing personal information with a customer until the identity of that customer has been confirmed by two of the following conditions;

  • Date of birth
  • Address
  • Telephone number
  • Middle name(s)
  • Specific data relating to debt

IT security:

  • All computer passwords to be at least 7 characters long and have a combination of upper and lower case letters and one number
  • All passwords to be changed at least every 90 days
  • All staff to ensure they do not open spam – not even to unsubscribe or ask for no more mailings
  • Operate a firewall and up to date virus-checking on all IT systems in addition run regular spy-ware checks
  • Ensure that all IT operating systems are up to date and set up to receive automatic updates
  • Ensure that all computers are protected by downloading the latest patches or security updates
  • Staff members will only have access to information necessary for their role.
  • The CRM security settings are configured to define IP restrictions so that employees cannot access the system outside of work to ensure data security.
  • Take regular back-ups of the information on your computer system ensuring that its fully encrypte
  • All data to be securely removed before disposing of old computers