Privacy Policy

This information security policy outlines how we protect our IT assets and with it the data that we process and hold on behalf of our customers.

Inform CPI Ltd is committed to keeping your data safe. Whenever you provide such information, we are legally obliged to use your information in line with all applicable laws including the Data Protection Act 1998.

Objectives and Scope

Objectives
The objectives of Inform CPI Ltd’s Information Security Policy are to preserve the integrity and availability of IT systems and keep confidential the information held within them.

Scope

The policy applies to all hardware, software, information, networks, applications, and locations where Inform CPI Ltd carries out data processing.

Responsibility
Ultimate responsibility for information security rests with the Directors of Inform CPI Ltd, and, as Inform CPI Ltd is a small company, on a day-to-day basis the Directors shall be responsible for managing and implementing the policy and related procedures.

Each member of staff is responsible for the security of the information systems they use, and is aware of their obligation to work within information security procedures and maintain data confidentiality and integrity.

Legislation
Inform CPI Ltd is obliged to abide by all relevant UK and European Union legislation.

The requirement to comply with this legislation is spread to employees and agents of Inform CPI Ltd. Any employee or agent may be held personally accountable for any breaches of information security for which they may be held responsible.

Inform CPI Ltd shall comply with the following legislation and other legislation as appropriate:

The Data Protection Act (1998)
The Data Protection (Processing of Sensitive Personal Data) Order 2000.
The Copyright, Designs and Patents Act (1988)
The Computer Misuse Act (1990)
The Health and Safety at Work Act (1974)
Human Rights Act (1998)
Regulation of Investigatory Powers Act 2000
Freedom of Information Act 2000

Policy Framework

Access Control
Only authorised personnel who have a justified and approved business need shall be given access to restricted areas containing information systems or stored data. This includes IT equipment located in our computer department in Chester, or our external data centres in Manchester or London.

Equipment Security

In order to minimise the risk of loss or damage to IT assets, equipment shall be physically protected from threats and environmental hazards.

Protection from Malicious Software

The organisation shall use antivirus software and management procedures to protect itself against the threat of malicious software. All staff shall be expected to co-operate fully with this policy.

Monitoring System Access

An audit trail of system access and data use by staff shall be maintained.

Business Continuity Plans

The organisation shall ensure that business continuity and disaster recovery plans are produced for all mission critical information, applications, systems and networks.

Privacy
Inform CPI Ltd will only collect information necessary to provide the services we offer. This includes name and contact information for customers, and contact information including mobile phone numbers belonging to contacts of customers.

Inform CPI Ltd will not share or pass any personal or confidential information to any third party unless required to do so to provide the services we offer.

Inform CPI Ltd may contact you for the following reasons:

Get in touch
As always, if you have any specific concerns or would like further reassurance then please get in touch.