When coding IMPROVE, every line has been written with data security in mind. We also review and externally test our software frequently to stay one step ahead of changing threats.
We’re continuously improving our internal processes and security measures to ensure complete platform assurance, and we actively pursue certification to national and global best practice security standards. We are both Cyber Essentials and IASME GDPR Certified.
Additionally, everyone who works at IMPROVE has been security vetted in accordance to their job role. We make sure there are robust process and controls in place which restrict the access of your data.
What we’re storing
We store only necessary information, as collected by you. Individual logins mean that your team members can keep their details accurate and up to date, ensuring that you meet your legal obligations as an employer.
How we’re storing it
We encrypt your data both at rest and in transit, and our site and storage processes are architected for security. All traffic between IMPROVE and the user’s browser is encrypted in transit. We support TLS exclusively and only utilising strong cipher suites.
Who can access it
We have extensive internal access controls and regulations here at IMPROVE. All employees have access to data under limited conditions. Within our software you can set user roles for all employees to restrict access to materials and data content.
We follow the principles of the General Data Protection Regulation of May 2018. We have a designated Data Protection Officer, and accountability and privacy are principles that are designed into both our software and policies.
Have full awareness of where any of your data is being held & when outside the EU, ensuring appropriate compliance is in place.
Ensure that only those who require access to your data are able to & we have the highest level of protection against unauthorised access.
Ensure you have the right to view, amend, export or delete any information that we hold on your behalf, including anything held by 3rd party services.
Ensure that consent is given during the sign-up process for all that use IMPROVE and allowing you to withdraw this at anytime.
Steven Hill. You can contact them via email@example.com
Our retention periods are defined by you, you have full control of what data is held on our system and are free to remove or amend it at any time.
Within the EU.
Yes, this is defined by our commitment to Cyber Essentials and GDPR compliance and the controls we have in place internally for that.
Of course – please email firstname.lastname@example.org
Yes we do.
Yes we do.