Data Security

We closely work with a law firm to maintain all GDPR requirements and we will sign a GDRP agreement with you called Data Processing Addendum which describes all legal aspects of how we process clients’ data and what measures we have in place to cater legal needs.

There are specific rules and regulations in the office for all staff to protect clients’ personal data.

1. Every staff member has to sign a non-disclosure agreement with GAAP Outsourcing before joining the office.
2. We send password-protected emails to clients which includes clients’ personal data like Address, telephone number, Date of birth, National Insurance Number, email address, any passwords, bank account details.
3. Our staff is all trained to work with documents on screen but if anything really requires printing, we have trash facilities available to make sure no personal data is in presence.
4. Electronic devices such as personal mobile phones, laptops or any other data transfer devices are not allowed in the work area.
5. We conduct random audits specifically with clients’ personal data to ensure security policies are adhered to.
6. We have a post-graduate data manager who is always in contact with lawyers to make sure all GDPR requirements are in place.

1. We have a professionally qualified data manager working with us.
2. Every employee has their unique credentials to access their work station.
3. All jobs data is saved on our secure server and the employees only have access to specific jobs they are working on.
4. Employees are not allowed to use internet on their workstations beyond their work area. We take strict disciplinary actions on internet traffic policy.
5. We have appropriate backup devices available to avoid any data loss.
6. Antivirus systems are in place throughout servers and workstations.
7. No personal emails, personal internet browsing is allowed on any workstation.