Your reputation is built on trust. So is ours, based on a foundation of security, privacy and compliance. Through these practices we have earned the trust of some of the biggest brands in the UK and globally. We use your data to enrich your digital estate. We don’t use data from anyone else and never sell data.
ISO 27001:2017 is the internationally recognised specification for an Information Security Management System (ISMS). It is a security-based risk management framework used by the highly regulated banking sector. We have been audited and ISO 27001 certified since 2015 against our policies, procedures and processes.
Our data services are compliant with the current General Data Protection Regulation (GDPR) and the UK’s Data Protection Act 2018 (DPA). We have expanded our ISO 27001:2017 security framework to include controls aligned with ISO 27018:2014 (cloud based PII processors) and ISO 27017:2015 (cloud services controls).
We take the protection of our customers’ data very seriously. Before the start of any new project, we complete full Data Protection Impact Assessments (DPIA). These comprehensive project documents offer guidance and risk management for both the controller (our client) and the processor (us). Our DPIAs deliver all requirements of GDPR and Data Protection, embedding these in the design and delivery of all projects.
JOSCAR Stage 2 is the Joint Supply Chain Accreditation Register, primarily used in the Aerospace, Defence and Security Sectors and stage 2 includes data processing. We are proudly annually assessed to ensure compliance with this standard.
All data processing is carried out in your jurisdiction including 100% UK based where relevant. We maintain the highest levels of security and availability with global relationships both cloud-based and hybrid cloud-tin suppliers.
Contact our compliance team with any questions
Security-first is embedded in everything we do. From every employee to our software and development processes, framework and continuous testing against Open Web Application Security Project® OWASP cyber security standards.
Our servers are protected and monitored in real-time to make sure data is processed securely. Intrusion detection systems are used to prevent any misuse of our systems.
Any threats and vulnerabilities are managed automatically by a combination of in-house and certified third-party scanning tools.
We also have auditable log and monitoring systems to ensure safe and secure transit through our servers.
Our Business Continuity Recovery Policy means we can carry on with minimal impact to us and our clients, should a disaster happen.
Data is not often in the state it needs to be in to work properly. When you seek to use 1st party data for hyper personalisation you realise how unorganised it is. We’ve developed tools to automate this work, saving many hours and removing an all-too-often blocker to progress.
Cleansing data is one of our specialties, so no need to find a different partner.
Send a sample of your data before starting a project so we can see the state of play. Our human-assisted machine learning makes sure it’s usable and safe for mass personalisation.