Security and privacy policies
- All client details, registered works or registration details are considered confidential and except where legally required, (i.e. by court order or Police investigation), will not be disclosed to any third party without prior consent.
- Client details will never be passed onto other companies, mailing lists, etc.
- All our personnel dealing directly with client details are required to sign a confidentiality agreement.
- All electronic back ups of works are encrypted, to ensure they cannot be accessed by unauthorised personnel.
- All documents and files containing client data that require disposal, (such as redundant or expired files) are disposed of in a secure manner, normally by shredding and/or incineration.
Web site security
We host our web sites and services using our own servers and have in-house IT specialists who manage our systems. This means that your information and files are never stored or copied by any third parties along the way.
Our website uses high security digital certificates to encrypt the communication between your browser and our servers. This ensures your privacy for any data you enter on our website forms and confidentiality of any files that you upload to us.
Secure storage of your work
When we store your work electronically, it is done in such a way to ensure that it cannot be accessed by any unauthorised person.
Files you upload are immediately obfuscated, and all back up files are encrypted. Our storage servers cannot be directly accessed from the Internet, so they cannot be targeted by hackers.
GDPR (General Data Protection Regulation)
- We store and process data only as agreed by the client or as required in order to perform services requested by the client.
- We regard all details we do store as confidential.
- We do not engage in any profiling activities.
- We never share data with 3rd parties (e.g. for advertising, marketing, data analysis or similar).
- We routinely remove personal data that is no longer needed.
For full details, please see our GDPR policy.
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation of the European Parliament, the Council of the European Union and the European Commission intended to strengthen and unify data protection for all individuals within the European Union (EU). It requires that all organisations publish and maintain a policy on data protection and how personal data is handled.
Credit/debit card security
Card details are sent to our payment service providers over highly secure 256bit encrypted direct connections. Card details are never stored or transmitted in a unencrypted format. We are PCI-DSS compliant ourselves and the payment service providers we use are regularly audited by Visa and MasterCard to ensure that their systems conform to the latest security standards.
If you supply credit card details on a postal application form, these are securely disposed of once payment has been taken.
3D Secure verification
Some transactions* may also use ‘MasterCard SecureCode’, ‘American Express SafeKey’ or ‘Verified by Visa’ secure authentication. These systems (collectively known as ‘3D Secure’) use personal passwords or identity information to further protect card users against unauthorized use. (*Dependant on participating bank and payment service provider)