Data Security

Safeguard Data Privacy: Cavendish Hepburn staff understand that our privacy policy is a pledge to our Clients that they will protect their information. Data should only be used in ways that will keep customer identity and the confidentiality of information secure in line with current legislation and the GDPR May 2018.

Password Management: A password policy is established for all employees who will access corporate resources. In general, password complexity is in line according to the job functions and data security requirements. Passwords are never shared.

Internet Usage: Internet usage on company equipment is to be used for the sole purpose of company business, which would include research.

Email Usage: Company emails should be used for the sole purpose of company business and may not be used for any other purpose. All emails should be logged against the relevant Client or third party on the Invenias database. Message content and sign off is always perceived as representative of the company and must be presented as such.

Mobile Devices: Are only provided to the two Company Directors for the sole use of Company business. The individuals should ensure they are password protected and kept securely.

Social Media: Is in the sole control of the Company Directors and will be their responsibility to continually present the Company in the best possible light. From time-to-time this may be done by consent with an external media agency.

Software Copyright and Licensing: The Cavendish Hepburn team comply with software copyright and licensing agreements. Employees should not download and use software that has not been reviewed and approved by the company.

Security Incidents: Any security breaches must be reported to the Directors of Cavendish Hepburn immediately including the reporting of malicious malware in the event it is inadvertently imported in order for them to take the necessary action and mitigate any risks.