Information Security Policy

Introduction

At Global Exposure, we prioritise the security and confidentiality of our clients’ data. This Information Security Policy outlines our commitment to protecting information from unauthorised access, disclosure, alteration, and destruction. We have put in place robust security measures to ensure data integrity and compliance with data protection regulations.

Scope

This policy applies to all Global Exposure employees, contractors, and systems, including any third-party systems where applicable. It covers all data collected, processed, and stored by Global Exposure, whether digital or physical.

Access Control

Access to data and systems is limited to authorised personnel only. We use secure login credentials and multi-factor authentication (MFA) for key systems, and we regularly review access permissions to ensure data is protected from unauthorised access.

Data Protection and Confidentiality

All client and company data are handled with strict confidentiality. We employ encryption for data both in transit and at rest and ensure that sensitive information is stored securely. Our employees receive regular training on data protection and confidentiality practices.

Network and System Security

We use advanced firewall protection, anti-virus software, and intrusion detection systems to safeguard our network. Regular updates, vulnerability scans, and periodic penetration testing are conducted to identify and mitigate potential security threats.

Physical Security

Our office is equipped with physical access controls, including keycard entry and security monitoring, to protect data and equipment from unauthorised physical access.

Data Backup and Recovery

We perform daily backups of all critical data and have a disaster recovery plan in place to restore data promptly in the event of a system failure or data loss.

Incident Response and Reporting

We maintain an incident response plan to address security breaches and vulnerabilities promptly. Any security incidents are investigated thoroughly, and clients are notified where relevant. Our team is trained to handle incidents and follow reporting procedures to minimise potential impacts.

Compliance and Continuous Improvement

We comply with GDPR and other applicable data protection regulations. Our Information Security Policy is reviewed regularly and updated as needed to ensure compliance with the latest standards and best practices.

Contact Us

For any questions about our Information Security Policy or our approach to data protection, please contact us at hello@global-exposure.co.uk.

Have a question regarding our Information Security Policy?

Contact us to learn more about our commitment to an inclusive workplace.