Main Navigation

Our Data Security Policy



Data security and confidentiality
are our highest priorities
  



We take our obligations as custodian of our clients' data extremely seriously.  We abide by both the letter and the spirit of the Data Protection Act to ensure that records are kept or destroyed in accordance with the law in service of our clients.

We are fully computerised and all of our computer records are encrypted to the extent that even if nefarious parties were able to steal them, they would be useless to them. Paper copies of all documents containing client data are scanned to encrypted media and then either destroyed (if ours) or returned to our clients.

We use digital signing to verify our email so that our clients and any companies we communicate with on behalf of our clients can be assured of the validity of messages.  We also use encryption whenever sending or receiving any client information by email - this ensures that if the email goes astray or is intercepted en-route it is useless without the relevant passphrases.  We don't often exchange information with clients by email but if you want us to email you anything important we'll help you ensure it's secure.

If you'd like to know more about data encryption you can read about it on Get Safe Online's "Use Encryption" page by clicking here or the Information Commissioner's Office's "Our Approach to Encryption" page by clicking here.






Disaster Recovery




We back up all our data incrementally both on-site and off-site in encrypted form, ensuring that in the event of fire or flood we would be able to restore service to our clients promptly. 

We have a disaster recovery plan in place and we engage a locum adviser firm which would take over servicing our clients if we were unable to.






Computer Security




We use Debian GNU/Linux operating system almost exclusively and we try to use Free and Open Source Software wherever possible.  We do this because when compared to some proprietary systems we believe this is more reliable, allows us a higher level of control and customisation and is typically regarded as less susceptible to attack by malware like viruses and "trojans".

The overwhelming majority of viruses and other "malware" can only attack proprietary systems like Microsoft Windows.  Although malware threats do of course exist which can target other operating systems including Debian GNU/Linux they are far less common, hence we believe that using these systems reduces the risk of compromise.  We use antivirus software on all of our systems and run daily scans and updates. We regularly update our software to ensure that it remains secure.

Some 3rd party websites and software providers require the use of proprietary systems and do not provide us with any alternative.  In order to use these services for our clients whilst minimising risk we run them within "virtual machines" - essentially we run a computer within a computer.  This lets us do two things - firstly we can control exactly what information the proprietary systems have access to, and secondly when we've finished using them we can completely shut them down and switch back to Debian.
More information about Debian can be found here: www.debian.org




 Get Safe Online




If you would like to know more about computer and internet safety, we'd recommend "Get Safe Online" which is the UK’s national internet security awareness campaign for the general public, micro and small businesses.  It is a joint initiative between HM government, the Serious Organised Crime Agency (SOCA), and private sector sponsors from the worlds of technology, retail and finance.

The campaign website www.getsafeonline.org is the definitive source of free, unbiased, current information and advice about how to keep safe and secure online.  



 

Content copyright 2012 Whitchurch IFA Ltd.  All rights reserved.


Private Limited Company Registered in England and Wales number 7859123

All images are either bespoke, provided by GoDaddy image library or modified works 
released under Creative Commons License without restriction.  For specifics please contact us.

Proud supporters of the Noah's Ark Appeal - official charity of the Children's Hospital for Wales.
Click the logo to the right to help!

To learn about our data protection, confidentiality and IT security policies click here.


The content of this website is intended for private individuals and introducers in the United Kingdom only.  It is intended to provide generic information only and constitutes neither financial advice nor an offer to provide financial advice.  We strongly recommend that all parties seek professional financial advice before taking out, funding, amending, crystalising, taking income from or cancelling any financial policy, product, instrument, contract or commitment.  If you would like to seek advice on any of the aspects mentioned on this website from us please click here to contact us.

If you wish to register a complaint, please write to us at 70 The Philog, Cardiff CF14 1EB or telephone 02920009479.  A summary of our internal complaints handling procedures for the reasonable and prompt handling of complaints is available on request and if you cannot settle your complaint with us, you may be entitled to refer it to the Financial Ombudsman Service at www.financial-ombudsman.org.uk or by contacting them on 0800 023 4 567. 


Whitchurch IFA Ltd is not responsible for the content of external websites linked from this site.



Whitchurch IFA Ltd is authorised and regulated by the Financial Conduct Authority, number 572461.

Will-writing and provision of Lasting Powers of Attorney are not regulated by the Financial Conduct Authority