MOMENTUM PARTNERSHIP MANAGEMENT SYSTEMS

Information SECURITY POLICY

Take Me home

Our Information Security Policy is designed to ensure that we process the personal and business data of the companies that employ us to design, implement and manage their business management systems whilst recognising the security of this data is critical for our customers and for our business.

We will:-

    • Manage the workflow of this data in accordance with our documented procedures;
    • Ensure that we dispose of data in the method and at the time agreed with our customers;
    • Train our staff to ensure that the risk of data breach is minimised during the processing of customers’ data;
    • Not pass on information about companies that we learn in our daily activities without the customers’ consent.

We are the data controller in respect of the personal data of:-

    • Our employees, candidates for job vacancies and past employees. This data may contain sensitive data;
    • Employees of our customers and suppliers. This data is restricted to those people that we need to interact with in meeting customer requirements and is limited to contact information that is provided to us by the organisation or the person concerned;
    • People who contact us for other reasons relating to our business either directly or via our website;
    • Employees of companies that we consider to be prospective customers for the services that we offer and are contacted in connection with our marketing activities.

Our policy in relation to all personal data is to ensure that we only request the minimum amount of data that is required for us to comply with our legal obligations and/or to enable us to carry out our business processes relating to each category.

This Policy has been developed in accordance with the requirements of ISO 27001:2013 in order to ensure that we remain compliant with all legal and regulatory requirements including those contained in the provisions of the Data Protection Act (2018), GDPR, PECR and our contractual obligations.

Therefore, to protect the confidentiality, integrity and availability of our information, our Director has approved this policy and ensures that:-

    • Our approach to information security is based on the control of risk, as per the standard and best practice.
    • We are committed to establishing and continually improving our ISMS
    • We have developed a framework for setting objectives  which will establish an overall sense of direction and principles for action with regard to information security

Information security is not just something we do; it is an organisational culture and one that is deeply embedded in our business.

Image of a key in the lock of a file to illustrate the security of information held in the file.

Ensure your information is secure