08451 221 302
This information security policy is a key component of TextAnywhere’s overall information
security management. It incorporates TextAnywhere’s handling of personal data,
protection of that data, security of our systems, and staff procedures.
TextAnywhere is committed to safeguarding your personal information. Whenever you
provide such information, we are legally obliged to use the information in line with all laws
concerning the protection of personal information, including, but not limited to, the Data
Protection Act 1998.
The objectives of TextAnywhere’s Information Security Policy are to preserve:
The aim of this policy is to establish and maintain the security and confidentiality of information, information systems, applications, and networks owned or held by TextAnywhere by:
This policy applies to all information, information systems, networks, applications, locations, and employees of TextAnywhere, or supplied under contract to it.
Ultimate responsibility for information security rests with the Directors of TextAnywhere, and, as TextAnywhere is a relatively small organisation, on a day-to-day basis the Directors shall be responsible for managing and implementing the policy and related procedures.
All staff shall comply with information security procedures including the maintenance of data confidentiality and data integrity.
Each member of staff shall be responsible for the operational security of the information systems they use.
TextAnywhere is obliged to abide by all relevant UK and European Union legislation. The requirement to comply with this legislation shall be devolved to employees and agents of TextAnywhere, who may be held personally accountable for any breaches of information security for which they may be held responsible.
TextAnywhere shall comply with the following legislation and other legislation as appropriate:
Only authorised personnel who have a justified and approved business need shall be given access to restricted areas containing information systems or stored data.
In order to minimise loss of, or damage to, all assets and equipment shall be physically protected from threats and environmental hazards.
All information security events and suspected weaknesses are to be noted. All information security events shall be investigated to establish their cause and impacts with a view to avoiding similar events.
The organisation shall use software countermeasures and management procedures to protect itself against the threat of malicious software. All staff shall be expected to cooperate fully with this policy.
An audit trail of system access and data use by staff shall be maintained.
The organisation shall ensure that business continuity and disaster recovery plans are produced for all mission critical information, applications, systems and networks.
At TextAnywhere., all online purchases take place safely, using the latest and best internet security and encryption technology to protect our clients. We are fully PCI DSS compliant and as such do not store any sensitive information about your purchases or payment details on our network infrastructure.
We partner with DataCash, a payment gateway owned by MasterCard, to perform the secure transactions on our behalf.
Payment Card Industry Data Security Standards (PCI DSS) are network security and business practice guidelines adopted by credit card companies such as Visa, MasterCard, and American Express to establish a “minimum security standard” to protect customers’ payment card information.
It is a requirement for all merchants that store, transmit, or process payment card information to be PCI DSS compliant.
The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., to help facilitate the broad adoption of consistent data security measures on a global basis.
The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organisations proactively protect customer account data.
The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organised:
» Build and Maintain a Secure Network
» Protect Cardholder Data
» Maintain a Vulnerability Management Program
» Implement Strong Access Control Measures
» Regularly Monitor and Test Networks
» Maintain an Information Security Policy
TextAnywhere is fully compliant with all twelve requirements listed above.
TextAnywhere will only collect information necessary to provide the TextAnywhere service. This includes name and contact information for clients and partners, as well as appropriate financial information from clients.
TextAnywhere will not pass any personal information to any third party at any time without your prior permission.
TextAnywhere may contact you for the following reasons:
We will keep your information confidential except where disclosure is required by law (for example to government bodies and law enforcement agencies).
We will hold your personal information on our systems for as long as is necessary for the service you have signed-up for. After this period, we will continue to hold data for as long as it is required for tax and recording purposes. After the cancellation of any account, we will not use the data for any business or marketing purpose other than for tax and recording purposes.
Our Information Security Policy has the full support of the Chairman and the Board of Directors.
To ensure that this policy is properly implemented, TextAnywhere regularly reviews its information security progress at board level.
No hidden charges for replies, support or features. Just pay for the services you use.