When you request information from Creative Networks, sign up to any of our services or purchase from us we obtain information about you. This statement explains how we look after that information and what we do with it.
We have a legal duty under the Data Protection Act to prevent your information falling into the wrong hands. We must also ensure that the data we hold is accurate, adequate, relevant and not excessive.
Normally the only information we hold comes directly from you. Whenever we collect information from you, we will make it clear which information is required in order to provide you with the information, service or goods you need. You do not have to provide us with any additional information unless you choose to do so. We store your information securely in an audited document repository and we restrict access to those who have a need to know. We train our staff in handling the information securely and respectfully.
Most of our services are delivered from Creative Networks Head Offices in Rochdale, operating a Field Team that works across the country. All of your information is stored in Rochdale, with secure access routes for those operating in the field. We use your information to deliver our managed services and projects, occasionally contacting you with opportunities for involvement and feedback. You have the right to ask us not to contact you in this way. We will always aim to provide a clear method for you to opt out. You can also contact us directly at any time to tell us not to send you any future marketing material.
Should you have any questions in relation to our approach to Data Protection and Information Security please contact firstname.lastname@example.org
Cyber Essentials Certification
Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security
Creative Networks Limited is registered with the Information Commissioner’s Office. The ICO is the UK’s independent body set up to uphold information rights.
We are bound by the Data Protection Act and committed to comply with the GDPR.
ICO Data Controller Registration: ZA045856
ESET Endpoint Encryption
ESET began life as a pioneer of antivirus protection, creating award-winning threat detection software.
FIPS 140-2 Validated 256 bit AES encryption for assured security.
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union.
The General Data Protection Regulation expands and standardises data protection across the whole of the EU Enforced from 25th of May 2018.
IOMART Data Centre
All the expertise, experience and technology you need to drive tangible business benefits from the cloud.
Our systems are monitored by Remote Monitoring Services to ensure our systems are up to date and up
2 Factor Authentication
We use and enforce 2 factor authentication wherever possible and appropriate
Information Security Frequently Asked Questions
To help you find key answers quickly, we have compiled and consolidated some of the most frequently asked questions below:
Who owns our data? Your data belongs to you. As our customer, you are classed as the ‘data controller’. As your supplier, we are classed as the ‘data processor’.
What happens to our data when we leave? We provide you with an export of all your data, and then remove it from our systems within 45 days. Any documents we have will be returned in their original format. Anything else is sent in CSV or other suitable format.
How often is our data backed up? Your data is backed up daily. In the event of a total failure, our infrastructure means we can recover your data quickly and reliably.
What about Managed Services? As a Managed Service Provider we manage third party services. Managed Services we provide are compliant with GDPR and you have your own relationship with the Service Vendor in regards to data. If you have particular governance rules, we can ensure you are compliant.
Who can access my data? Only you, and a small number of vetted and authorised staff can access your data. Any member of this team, will only ever access your data to perform specific tasks on your request via our support desk – and any action they take is logged and easily auditable. Access to any sensitive data is logged.