Our commitment to your privacy
Verve is committed to safeguarding personal and sensitive data and works in line with all applicable laws concerning the protection of personal information, and has fully implemented the requirements of UK GDPR (General Data Protection Regulation).
As an accredited ISO 27001 business, our commitment to data security has always been a priority.
We have a collection of processes and policies that are fully auditable and we regularly review and make improvements too.
In line with GDPR requirements we are undertook a complete review of our structure, processes and policies and our ISO 27001 requirements have given us a detailed structure to follow.
As part of this we have clearly identified the following areas of importance.
- Data Security
- Data Impact Assessments
- Data Subjects Rights
- Transferring data from the EU
Our action plan, enabled us to meet the May 25th 2018 deadline, included (but is not limited to):
- Legal support from local EU Counsel to help guide us
- Understanding the provisions of the new regulations, understanding how they may differ from the
current obligations and detailing considerations of our clients, members and internal staff
- Auditing our data capture points both in and out of Verve
- Updating our precise inventory of personal information that we control plus reviewing our current
controls and processes to ensure that they are adequate. This includes a risk assessment with
associated plans to address any identified areas of risk.
- Keeping informed of updated regulatory guidance as it becomes available plus consulting a legal
expert for guidance where applicable
- Conducting regular reviews of the Information Commissioner's website, which is the UK
representative within the EU working group: Article 29 and attending talks and trainings
We instructed a working group of Senior Management, meeting bi-weekly, to manage the process of implementation. This group included: MD of Finance & Operations; CTO; SVP of Group Operations; IT Manager; and Onboarding Director.
At Verve, we strive to deliver an incredible customer experience. We will continue to make additional required operational changes resulting from the new legislation.
Our Information Security Policy is available upon request.