Talieisin has subscribed to the complete GDPR and Cyber Security service from CyberSmart and subscribes to additional services from Naq Cyber. Both CyberSmart and Naq Cyber are NCSC affiliated cyber security providers, accredited by the IASME consortium to provide Cyber Essentials and IASME Governance certifications.
Through Talieisin's subscription to Naq, we have a complete set of Data Protection Legislation compliant documentation which have been reviewed and signed by all Talieisin employees. In addition to this, all Talieisin employees have completed Naq’s set of Data Protection and Cyber Security training courses.
Our security strategy covers all aspects of our business, including:
This page aims to provide an overview of the technical and organisational measures taken by Talieisin to ensure security and legal compliance.
Our working premises are secured and can only be entered with a dedicated keyset. Visitors are only allowed into the premises upon invitation from one of our staff members and their presence in the working environment where data may be accessed is strictly controlled.
We do not hold any form of personal data in our working locations. Our network equipment has been securely configured to remove the default network name and password as well as guest accounts, and its firmware is regularly patched.
The data you exchange with us via our website, email or other communication channels is stored on, and exchanged through, secure third-party data centres. These data centres secure your data through encryption, back-up and strict location tracking and access controls. The physical security measures taken to secure these data centres range from secure perimeter defense systems, comprehensive camera coverage to biometric authentication.
Talieisin complies with allrelevant data protection legislation through security policies and processes.Talieisin has carried out a Data Protection Impact Assessment and physical risk assessment to identify risks and the necessary measures to remediate these. We further keep and regularly update the legally required policies and have strict retention periods for personal data in place.
Talieisin requires all new staff to read and sign our extensive Information Security Policy, which details how staff are expected to keep your data safe and secure. This policy includes, but is not limited to, a secure remote working policy, requirements on passwords, multi-factor authentication, encryption of devices and stringent access controls.
Talieisin has appointed a Data Protection Officer, who is responsible for ensuring adherence to all Talieisin Ltd policies and procedures, regularly updating policies and procedures and ensuring that all staff are adequately trained on handling personal data under the relevant data protection legislation.
Talieisin has also appointed an Information Security Officer, responsible for all technical security measures and responding to a security incident within a reasonable time frame in accordance with our Incident Response Policy.
All Talieisin Ltd employees undergo regular security training and phishing tests throughout their Talieisin careers.This training covers, amongst others, how to handle personal data; how to deal with Data Access Requests and Data Breach obligations.
All Talieisin Employees are required to sign a confidentiality agreement upon hiring, which ensures that all personal data owned by Talieisin Ltd will not be made public to an unauthorised recipient. This confidentiality agreement is enforceable by a penalty clause.
All third parties in the Talieisin supply chain are evaluated on their level of security. Through signing processing agreements, we ensure that these third-party suppliers uphold the highest standards of security and compliance possible. Talieisin regularly audits third-party suppliers and has ensured it can end the relationship immediately if the audit reveals inadequate levels of security and compliance.
All laptops and workstations are secured via full disk encryption. We update devices as soon as updates become available and monitor workstations for malware. Talieisin has the ability to remote wipe a machine.
Talieisin has achieved Cyber Essentials Plus certification for controls relevant to security, availability, and confidentiality. We have hired an independent third party to validate our processes and practices with respect to these criteria and topics.
Talieisin uses different communication tools for communications between teams and with our customers. Talieisin has data processing agreements in place with all of these communication tool providers to ensure appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing and against accidental loss, destruction, damage, theft, alteration or disclosure are in place. In line with the relevant data protection legislation, Talieisin does not transfer data to countries outside of United Kingdom without strict measures in place such as Standard Contractual Clauses or an approved adequacy decision.