We take all necessary steps to ensure that your data stays safe with us. We have implemented strong policies and procedures to control access and safeguard against any threats. Back office is guarded 24 hours by an armed security guard. Only authorised personnel are allowed into the office premises.

Each employee is given a copy of the security policy and is made aware of the importance of adhering to it. The security officer ensures that procedures laid down in the security policy are followed by all staff members. In addition following controls are in place to protect data confidentiality and security:

• Staff are not allowed to take any data off-site.

• Disk drives on all computers are disabled to ensure data cannot be stored on a disk and taken off site.

• All staff are issued with a unique user id and passwords. The passwords are changed on a regular basis and all staff are required to keep passwords confidential.

• All staff members are made aware of the Data Protection Act requirements and any personal data printed is shredded on the office premises if no longer required.

A comprehensive backup policy is in place to ensure smooth running of our operations. Backups are taken on a daily basis and any data that is stored off site is fully encrypted with the decryption key known only to the IT Director and one senior manager in the company.

There is a fully documented disaster recovery plan in place to ensure if there were any serious problems with the server the data can be restored quickly and in an efficient manner. There is also a backup site readily available in case the primary site becomes inaccessible.

Security audit is conducted on a regular basis and backups are restored frequently to make sure these are in workable condition.