Data Usage
We comply with GDPR and all other relevant data protection legislation and guidance as the security of your data is paramount. In GDPR terms, we are the Data Processor, but councils are the Data Controllers and retain ownership of the data they share with us. We only ever share data with organisations that have been approved by the relevant council and we never sell data to any third parties.
Data security certification
We keep up-to-date with best practices in data protection and hold Cyber Essentials Certification – a Government-supported scheme that protects us from a range of common cyber attacks. We use multiple layers of security software that constantly monitor our systems and alert us immediately of any suspicious activity, and we review our security logs on a regular basis.
Data Storage
Your data is stored on secure servers in London and protected by multi-layered security and TLS encryption. We make daily encrypted backups, which we store safely and delete at the termination of your contract, upon your request, or after an agreed-upon term.
Data Access
Access to the data shared with us is restricted and carefully monitored. We operate a least-privilege policy: our staff members only have access to the data they need. Your data is protected by multi-factor authentication, and passwords and other sensitive data are encrypted in line with industry standards and never stored as plain text.
Our permit management portal has been built to provide tight security and peace of mind, and offers different levels of access that can be tailored to your organisation.
