Privacy Policy for GI Media Ltd
Introduction
GI Media Ltd is committed to protecting the privacy and security of our Users' and Customers' data. This Privacy Policy outlines our practices for collecting, using, maintaining, protecting, and disclosing information. It ensures that we comply with all relevant regulations and industry standards, providing transparency and accountability in our data handling processes.
1. Data Collection and Use
● Personal Identification Information: We may collect personal identification information from Users when they visit our site, register, place an order, or engage with other activities, services, features, or resources on our Site. This information may include name, email address, mailing address, and phone number. Users can choose to visit our Site anonymously.
● Non-Personal Identification Information: We may collect non-personal identification information about Users whenever they interact with our Site, such as browser name, computer type, operating system, and internet service provider.
● Data Segregation: Customer data is stored separately from other client data and is processed independently based on the purpose for which it was collected.
● No Use of Customer Data for Testing: Customer data is not used for development or testing purposes. Instead, anonymised or synthetic data is used to ensure privacy and compliance.
● Encryption and Security: All data, both in transit and at rest, is encrypted using strong encryption protocols to protect against unauthorised access.
2. Data Storage and Availability
● Secure Storage Facilities: Backup data and tapes are stored in secure, access-controlled facilities with environmental controls to protect against damage.
● Uninterruptible Power Supply (UPS): All IT systems hosting Customer data are equipped with UPS units to ensure continuous availability and data integrity during power interruptions.
● Performance Reserves: Our systems are configured with sufficient performance reserves to guarantee full availability of Customer data at all times.
3. Access Controls and Monitoring
● Role-Based Access Control (RBAC): Access to Customer data is strictly controlled and limited to authorised personnel only.
● Segregation of Environments: Test and production environments are strictly segregated to ensure the integrity and security of production systems.
● Regular Audits and Monitoring: Continuous monitoring and regular audits are conducted to ensure compliance with our data protection policies.
4. Incident Management
● Incident Reporting: Any security incidents affecting Customer data are reported within 24 hours of discovery, along with the steps taken to contain and rectify the issue.
● Incident Response Plan: A detailed incident response plan is in place to detect, respond to, and recover from security incidents promptly.
● Priority Classification: Security incidents are categorised based on their severity and impact, ensuring appropriate and timely responses.
5. Compliance and Documentation
● Audit Pack: An audit pack is available to Customers upon request, demonstrating our compliance with contractual obligations and data protection standards.
● Regular Security Reporting: Continuous security reporting is conducted to monitor and assess the security posture of our systems and processes.
● Compliance with Regulations: Our practices comply with relevant data protection regulations, such as GDPR and ISO/IEC 27001, ensuring the highest standards of data security and privacy.
6. Employee and Third-Party Management
● Training and Awareness: Employees receive regular training on data protection policies and best practices to handle Customer data securely.
● Third-Party Vendor Assessments: Assessments and audits of third-party vendors are conducted to ensure they meet our security requirements.
7. Data Handling and Change Management
● Data Processing Systems: Any changes to data processing systems impacting Customer data are formally advised before implementation, with full documentation showing evaluation and testing.
● Change Management: Detailed documentation of system changes is maintained, including change requests, approvals, testing results, and implementation logs.
8. Secure Communication and Backup
● Secure Backup Plans: Robust backup and recovery plans are in place, with regular testing to ensure data integrity and availability.
● Secure Communication Channels: All administrative activities involving Customer data are encrypted to prevent unauthorised access.
9. Physical and Logical Security
● Physical Security: Data media and backup tapes are stored in secure, access-controlled facilities with tamper-evident packaging and secure transportation methods.
● Logical Separation: Logical separation of data is ensured through dedicated databases and strict access controls, maintaining the integrity and confidentiality of Customer data.
10. Continuous Improvement
● Ongoing Optimization: System configurations are continuously reviewed and optimised to improve performance and efficiency.
● Lessons Learned: Feedback and lessons learned from incidents and audits are used to enhance our data protection practices continually.
11. Web Browser Cookies
Our Site may use "cookies" to enhance User experience. Users may choose to set their web browser to refuse cookies or to alert them when cookies are being sent. Some parts of the Site may not function properly if cookies are refused.
12. How We Use Collected Information
GI Media Ltd may collect and use Users' personal information for the following purposes:
- To improve customer service and support needs
- To personalize user experience and understand how our Users as a group use the services and resources provided on our Site
- To improve our Site based on user feedback
- To process payments and provide services related to orders
- To send periodic emails regarding orders, inquiries, company news, updates, and related product or service information (Users may unsubscribe at any time)
13. Sharing Your Personal Information
We do not sell, trade, or rent Users' personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information with our business partners, trusted affiliates, and advertisers for the purposes outlined above.
14. Third-Party Websites
Our Site may contain links to third-party websites. We do not control the content or links on these sites and are not responsible for their practices. Users should review the privacy policies and terms of those websites.
15. Changes to This Privacy Policy
GI Media Ltd reserves the right to update this privacy policy at any time. Users are encouraged to frequently check this page for any changes and to stay informed about how we protect the personal information we collect.
16. Your Acceptance of These Terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
17. Contacting Us
If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at: GI Media Ltd (
Conclusion
GI Media Ltd is dedicated to ensuring the privacy and security of our Users' and Customers' data. By implementing these comprehensive measures, we maintain the highest standards of data protection,
integrity, and availability. If you have any questions or require further information about our privacy practices, please contact us.
© GI Media Ltd. All Rights Reserved. GI Media Ltd. is registered in England and Wales under Company No. 11253989. Use of this website is subject to our privacy policy. All purchases made through this site are subject to our Terms & Conditions.