Trust Centre

Last Updated: 26th February 2020

Understand how we protect your data

The following are the terms and conditions on which you agree to be bound to when using our Sites, Membership Sites and Blogs.

The security, integrity, and availability of your data are our top priorities. We know how vital it is to you. To ensure you never have to worry, we only work with General Data Protection Regulation (GDPR) compliant businesses who use a multi-layered approaches to protect and monitor all your information.


Alpha4All Limited is registered with the Information Commissioner's Office (ICO). This means we are contractually committed to delivering our services in compliance with the Data Protection Act (DPA). We are also committing to complying with all requirements of GDPR.

ICO Registration Number: A8314189


Alpha4All works with a number of sub-processors, these sub-processors may manage your data on behalf of Alpha4All. All sub-processors are audited and have ‘data processing agreements’ in place to ensure they are all GDPR compliant.

To follow are example measures our ‘key’ sub-processors have in place to manage your data.

Physical Security

Our sub-processors have data centers hosted in some of the most secure facilities available today in locations that are protected from physical and logical attacks as well as from natural disasters such as earthquakes, fires, floods, etc.

  • 7x24x365 data centre Security;
  • Video Monitoring;
  • Controlled Entrance of pre-authorized personnel;
  • Biometric, two-Factor Authentication.

Network Security

Our sub-processors have network security teams and infrastructures helping protect your data against the most sophisticated electronic attacks.

  • Encrypted data protocols;
  • SSL (Secure Sockets Layer);
  • Control and Audit. All accesses are controlled and also audited;
  • Virus Scanning.

Security and control features

  • Zero knowledge password management & authentication;
  • 2-factor authentication;
  • Expiration date for links;
  • Admin console to manage groups;
  • Activity monitors and audit trails.

Audits

All our data processors have internal policies about management, knowledge sharing, risk, as well as the day to day operations for managing security and data protection risk. As part of GDPR, all data processors have agreed to audits.

Security Certifications

We work with sub-processors who are either awarded or working towards recognized security standards. All sub-processors are GDPR compliant

In particular, our database management system Zoho Corp has been awarded the following certifications to ensure you data is kept safe.

  • ISO/IEC 27001 is one of the most widely recognized independent international security standards.
  • SOC 2 Zoho is SOC 2 Type II compliant. SOC 2 is an evaluation of the design and operating effectiveness of controls that meet the AICPA's Trust Services Principles criteria.
  • EU-US Privacy shield so your data is safe with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.

Full list of certifications can be found here.

GDPR

We are not required to have a data protection officer, any enquiries about our use of your personal data should be sent to our legal team at legal@alpha4all.com. Alpha4All has a steering committee who ensure your security is taken seriously. All members are General Data Protection Regulation (GDPR) staff awareness Certified.