Policy
Some of the policy we adhere to at SoloProtect.
SoloProtect specifies the use of quality components to give our product platforms the maximum life cycle in the marketplace and a low incidence of product failure. Where devices do fail or are classed as 'end of life', they are disposed of properly.
WEEE Producer Responsibility in Europe.
The European Union (EU) has implemented the Waste Electrical and Electronic Equipment (WEEE - 2002/96/EC) Directive to ensure the proper collection, treatment and recycling of waste electronic products in the EU countries.
As a producer of electronic and electrical equipment, SoloProtect Ltd complies with the WEEE Directive. Under the Directive and its implementing regulations, when customers lease one of our devices they are entitled, at the end of their lease agreement to send the new unit back for recycling.
If the device was purchased outright from SoloProtect Ltd as part of a SoloProtect package, then the unit can also be returned at the end of the agreed contract period. If the device was purchased for resale, it is the responsibility of the purchaser to dispose of the unit according to the regulations, unless previously agreed with SoloProtect Ltd.
Data Protection and Data Handling:
We take our data protection and data handling responsibilities extremely seriously due to the nature and sensitivity of the many different data types that we process on your behalf.
We collect, process, store, communicate and delete information in a responsible manner, complying with current legislation and regulatory requirements & standards to which we are accredited.
For information about our Privacy Policy, or information relating to Cookies or Retention, please visit our Privacy page.
Information Classification:
Information created, received and managed by SoloProtect is classified appropriately based on the sensitivity of the contents and its purpose.
These internal classifications also determine the appropriate controls regarding access and restriction of data and any associated risks/consequences stemming from damage/interference or unauthorised access to it.
Different access levels across SoloProtect Limited are defined to ensure permission levels are set once a classification has been assigned to a set of data.
All SoloProtect employees, contractors or stakeholders are subject to security screening to BS7858 (2019) standards prior to being provided access to any information, system, business area or data.
Protection from unauthorised access:
We employ a variety of methods to ensure your data is safe and secure with us. These include items such as complex password protection, data encryption, VPN secure access & physical access control.
Due to our desire and focus on maintaining a high level of security, this is obviously not an exhaustive list of all the controls that we have in place.
Cyber-attack is an ever-evolving and ongoing threat. We perform regular internal system stress tests as well as commissioning a regular systems penetration test from an external independent provider, to continually test the effectiveness of our security measures.
Transfer/Exchange of information:
Information and data can be transferred and exchanged through several direct and indirect methods including Spoken word (Telephony based communications or face-to-face), Post, Fax and E-Mail, Internet/Intranet, Electronic File Transfer, Web-based portals, Magnetic Media (CD, DVD, USB Memory Stick and any other Data Cartridges) and Print, Video and Film.
We ensure that these methods are secured with appropriate & relevant controls in line with the methods described in the section above.
We also place intense scrutiny on ensuring that any information being transferred is from a source, and to a recipient, authorised to send and/or receive it.
We ensure that information is stored under conditions that protect it from threats/hazards to physical integrity such as malicious intent to damage/sabotage information, fire, flood and magnetic field damage and general wear and tear.
Access to physical storage devices, facilities or areas containing data, have appropriate permission restrictions in place, ensuring that access is only available to our employees to the data required to perform their duties.
Destruction:
Physical destruction of digital/non-digital media is done securely and in line with industry/regulatory requirements, ensuring that any such destroyed information is unable to be reconstructed later.
Data Breaches:
Should this unlikely event occur, we have defined processes in place to ensure that matters are handled quickly, the impact is minimised or mitigated and that relevant parties are informed at the earliest opportunity.
SoloProtect is accredited to ISO 27001. You can find more information about this on our Accreditations page.