MOMENTUM PARTNERSHIP INFORMATION SECURITY POLICY
Momentum Partnership holds the following types of data used for our B2B marketing activities including data owned by us and data supplied to us but owned by our clients.
Details of companies
Details of contacts within those companies including personal data that is restricted to Name, corporate telephone number and corporate email address.
We carry out data processing services internally and for our clients.
We also hold information of a commercial nature on projects that are carried out for our clients, our dealings with suppliers and our financial performance.
Additionally, we hold and process personal data in relation to our employees.
We recognise our legal responsibility to ensure that data is kept secure at all steps in our processes.
This Policy has been and our ISMS (information security management system) is being developed in accordance with the requirements of ISO 27001:2013 to ensure that we remain compliant with all legal and regulatory requirements including those provided by the Data Protection Act, the General Data Protection Regulations, the Privacy and Electronic Communications Regulations and our contractual obligations.
Therefore, to protect the confidentiality, integrity and availability of our information, senior management have approved this policy and the implementation of our information security management system (ISMS)
Our approach to information security will be based on the control of risk, as per the standard and best practice.
We are committed to establishing and continually improving our ISMS (information security management system)
We have developed a framework for setting objectives which will establish an overall sense of direction and principles for action regarding information security
Information security is not just something we do; it is an organisational culture and one that is deeply embedded in Momentum Partnership’s business.