Compliance & Privacy Statement
Our compliance and criteria we need to adhere to
GDPR compliancy become a lawful requirement in 2018. We strive to comply and surpass our obligations to data protection and want all our clients and associates to know how we go about meeting these obligations.
How we may use and store your data
We take our lawful obligations seriously. As such, we are committed to protecting our client’s privacy and ensuring that compliant and stringent safeguards are in place at all times which ensures compliance with GDPR legislation.
All information provided to us by you will be held securely on 256-bit encrypted hard drives. New cases and ongoing work is stored on a standalone hard-drive. The drive has no online connection, so it can’t be remotely accessed, and it is encrypted with a 256-bit encryption. You must physically be at the terminal to transfer the data and you must have the passwords and data protection training to access, transfer, and use the data.
TSCM Sweep report data is held on a separate encrypted drive. We don’t keep reports any longer than we have to.
As data processers, we know that client data is personal and protected. Our attitude is now, and has always been, if we have no use for the data, don’t keep it!
So, once we have completed the TSCM sweep and reported our findings, and closed our case file, we then destroy all notes and client information within about 2-3 weeks. We tend to hold the notes for this short period in case the client reverts to us for further details or queries.
We do keep, for tax and audit trail purposes, the invoice data.
But what is the best way to destroy data to an unrecoverable state? It’s simple and easy to find. We use a Gutman style erasing technique which overwrites files and documents before deletion. This is similar to the USA DOD technique to erase and secure their own data.
For the purposes of UK data protection law, the data controller under this agreement is The Managing Director of BASE TSCM Bug sweeps, Garden Studios, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ.
Personal information supplied by you may be recorded and processed by us for the following purposes:
• To contact you about your TSCM sweep and ask you questions about the sweep or premises.
• To adhere to our obligations to fight crime, fraud, money laundering and terrorism, or any other unlawful activity.
• To fulfill our obligations to ensure your TSCM sweep is handled to the highest professional standards.
• For our legitimate business reasons.
We never share your data with any other person, company or government agency unless a lawful court order is produced
All client data and TSCM sweep analysis data is protected. Hence were obligated by law to ensure the data held and processed by us is safe, secure and is not shared with any other third party without the client’s permission.
If a lawful court order is produced, we will have to oblige and adhere to the order.
Your Rights of Access
GDPR legislation states that clients have certain rights in relation to personal information held on them by corporate entities. Hence you have the right to request us for the information held on you (the client). This will be supplied to you in a typed readable format. We may charge an administration fee to undertake the tasks set out.
If you wish to exercise any your rights to check, or obtain copies of the information we hold on you please contact us at info@tscmbugsweeps.co.uk
Online messages and our web presence
We do have an online contact form which again needs to be secure and GDPR compliant. Our web forms are outsourced to a professional web design firm who take data privacy very seriously. When it comes to secure user data and storage we are provided the very best security measures to ensure our clients are always protected from network abuse, spam and more.
All forms must be protected by..
✔ Spam Protection
✔ Virus and Malware protection
✔ HTTPS connection on sign up
✔ SSL Encryption
✔ Backups
✔ Data recovery
The platform is carefully monitored 24/7 for potential threats and unauthorized activities, such as Man in the Middle Attacks or IP Spoofing. Our online forms have the latest packages installed, updated whenever needed with a 256-bit SSL connection path between users and their online form submission.
All our online form data is encrypted and securely kept on highly encrypted and legally compliant servers in multiple data centre’s.
We use spam, virus and malware protection services provided by McAfee.
Security measures include McAfee Virus and Malware Protection, Spam protection and virus protection
McAfee is a world-renowned cybersecurity firm who monitor all the latest threats and each threat is carefully monitored and cleaned on a daily basis so that our online submissions and form users can navigate in a secure and safe online environment. So, feel free to submit online order forms on your phone, Mac or PC without encountering any external threats at all!
Our E-mail is protected by one of the most advanced online security firms in the world, Google. According to Google sources, their email is now the most secure on the planet and is virtually un-hackable!
Bypassing encryptions and firewalls on this type of email is, so far, unheard of. The only way to gain access to the email data is by a 2-step verification procedure which is unparalleled in today’s email security industry. Google has supported and leads the way in encrypted connections, which makes it harder for anyone to access what we are sending or receiving. Google also monitors and warns us about any possible security risks, such as suspicious email’s that are not sent over an encrypted or secure connection.
Our Team
We are a small group of hardworking and closely-knit TSCM & bug sweeping experts with a passion for countermeasures.
Everyone who is employed by BASE, are vetted, approved, and trained to adhere, comply and surpass the company’s regulatory obligations and client’s expectations.
If you have any questions about how we keep data safe, how we ensure compliant destruction of data or who we may share your data with, if you wish to check what data we hold on you, or make a request for the data we hold about you, please feel free to email us at info@tscmbugsweeps.co.uk and mark the email subject line or for the attention of the data compliance officer.
We aim to respond to data compliance requests within 28 days of receiving the request. Administration fees may be applicable for data compliance requests.