TextAnywhere

Our Background, our Policies and our Foundation

TextAnywhere Information Security Policy

1. Introduction

This information security policy is a key component of TextAnywhere’s overall information security management. It incorporates TextAnywhere’s handling of personal data, protection of that data, security of our systems, and staff procedures.

TextAnywhere is committed to safeguarding your personal information. Whenever you provide such information, we are legally obliged to use the information in line with all laws concerning the protection of personal information, including, but not limited to, the Data Protection Act 2018 and the General Data Protection Regulation.

2. Objectives, Aim and Scope

2.1. Objectives

The objectives of TextAnywhere’s Information Security Policy are to preserve:

  • Confidentiality – Access to data shall be confined to those with appropriate authority.
  • Integrity – Information shall be complete and accurate. All systems, assets and networks shall operate correctly, according to specification.
  • Availability – Information shall be available and delivered to the right person, at the time when it is needed.

2.2. Policy Aim

The aim of this policy is to establish and maintain the security and confidentiality of information, information systems, applications, and networks owned or held by TextAnywhere by:

  • Ensuring that all members of staff are aware of, and fully comply with, the relevant legislation as described in this policy.
  • Describing the principals of security and explaining how they shall be implemented in the organisation.
  • Introducing a consistent approach to security, ensuring that all members of staff fully understand their own responsibilities.
  • Protecting information assets under the control of the organisation.

2.3. Scope

This policy applies to all information, information systems, networks, applications, locations, and employees of TextAnywhere, or supplied under contract to it.

3. Responsibilities for Information Security

Ultimate responsibility for information security rests with the senior management of TextAnywhere, and, as TextAnywhere is a relatively small organisation, on a day-to-day basis the senior management shall be responsible for managing and implementing the policy and related procedures.

All staff shall comply with information security procedures including the maintenance of data confidentiality and data integrity.

Each member of staff shall be responsible for the operational security of the information systems they use.

4. Legislation

TextAnywhere is obliged to abide by all relevant UK and European Union legislation. The requirement to comply with this legislation shall be devolved to employees and agents of TextAnywhere, who may be held personally accountable for any breaches of information security for which they may be held responsible.

TextAnywhere shall comply with the following legislation and other legislation as appropriate:

  • Data Protection Act (2018)
  • Data Protection (Processing of Sensitive Personal Data) Order 2000
  • Copyright, Designs and Patents Act (1988)
  • Computer Misuse Act (1990)
  • Health and Safety at Work Act (1974)
  • Human Rights Act (1998)
  • Regulation of Investigatory Powers Act 2000
  • Freedom of Information Act 2000
  • The General Data Protection Regulation

5. Policy Framework

5.1. Access controls

Only authorised personnel who have a justified and approved business need shall be given access to restricted areas containing information systems or stored data.

5.2. Equipment security

In order to minimise loss of, or damage to, all assets and equipment shall be physically protected from threats and environmental hazards.

5.3. Information security events and weaknesses

All information security events and suspected weaknesses are to be noted. All information security events shall be investigated to establish their cause and impacts with a view to avoiding similar events.

5.4. Protection from malicious software

The organisation shall use software countermeasures and management procedures to protect itself against the threat of malicious software. All staff are required to cooperate fully with this policy.

5.5. Monitoring system access and use

An audit trail of system access and data use by staff shall be maintained.

5.6. Business continuity and disaster recovery plans

The organisation shall ensure that business continuity and disaster recovery plans are produced for all mission critical information, applications, systems and networks.

6. Privacy

TextAnywhere will only collect information necessary to provide the TextAnywhere service. This includes name and contact information for clients and partners, as well as appropriate financial information from clients.

TextAnywhere will not pass any personal information to any third party at any time without your prior permission.

TextAnywhere may contact you for the following reasons:

  • In relation to the functioning of any service you have signed-up for in order to ensure that TextAnywhere can deliver the services to you
  • Where you have opted to receive further correspondence
  • In relation to any content you have uploaded to your account
  • For marketing purposes where you have specifically agreed to this

We will keep your information confidential except where disclosure is required by law (for example to government bodies and law enforcement agencies).

We will hold your personal information on our systems for no longer than is necessary for the service you have signed-up for. After this period, we will continue to hold relevant data for as long as it is required for tax and recording purposes. After the cancellation of any account, we will not use the data for any business or marketing purpose other than for tax and recording purposes.

Our approach, responsibilities, and commitment to your privacy are set out in our Privacy and Data Processing Policy.

Take a free trial today

No hidden charges for replies, support or features. Just pay for the services you use.

Back to Top