Our commitment to your privacy

As an accredited ISO 27001 business, our commitment to data security has always been a priority.

Verve is committed to safeguarding personal and sensitive data and works in line with all applicable laws concerning the protection of personal information, including GDPR and CCPA. We ensure we are fully compliant by:

• Regularly auditing our data capture points both in and out of Verve.
• Our collection of processes and policies that are fully auditable, with regular review and improvements made.
• Updating our precise inventory of personal information that we control along with reviewing our current controls and processes to ensure that they are adequate. This included a risk assessment with associated plans to address any identified areas of risk.
• Keeping informed of updated regulatory guidance as it becomes available plus consulting a legal expert for guidance where applicable.
• Conducting regular reviews of the Information Commissioner's website, other information sources and attending talks and trainings.
• Have on retainer a specialist consultancy to support our DPO – The Trustbridge.

At Verve we also have a working group of Senior Management, to manage the process of implementation and continue review. This group includes: MD of Finance & Operations; SVP of Group Operations and IT/Security Manager AD of Special Projects. The aim of this group is to ensure Verve continues to comply with the Data Protection Act, maintain our ISO 27001 accreditation and commitments, and manage our monthly internal audit process which was is designed to stress test GDPR & CCPA regulations and ISO requirements.

At Verve, we strive to deliver an incredible customer experience, whilst continuing to make additional required operational changes resulting from new legislation, and keeping our clients, partners and regulatory authorities informed.

Our Information Security Policy is available upon request.