Our commitment to your privacy

Verve is committed to safeguarding personal and sensitive data and works in line with all applicable laws concerning the protection of personal information. Our collection of processes and policies that are fully auditable, with regular review and improvements made.

As an accredited ISO 27001 business, our commitment to data security has always been a priority.

We ensure that we are fully compliant to the Data Protection Act, which includes the GDPR by:

• Regularly auditing our data capture points both in and out of Verve.
• Updating our precise inventory of personal information that we control along with reviewing our current controls and processes to ensure that they are adequate. This included a risk assessment with associated plans to address any identified areas of risk.
• Keeping informed of updated regulatory guidance as it becomes available plus consulting a legal expert for guidance where applicable.
• Conducting regular reviews of the Information Commissioner's website, and attending talks and trainings.
• Have on retainer a specialist consultancy to support our DPO – The Trustbridge.

At Verve we also have a working group of Senior Management, to manage the process of implementation and continue review. This group included for implementation and continues to include: MD of Finance & Operations; CTO; SVP of Group Operations; IT Manager; and Onboarding Director. The aim of this group is to ensure Verve continues to comply with the Data Protection Act, maintain our ISO 27001 accreditation and commitments, and manage our monthly internal audit process which was designed to stress test GDPR regulations and ISO requirements.

At Verve, we strive to deliver an incredible customer experience, whilst continuing to make additional required operational changes resulting from new legislation, and keeping our clients, partners and regulatory authorities informed.

Our Information Security Policy is available upon request.