Compliance Statement:
Kidatu has worked closely with the civil and family courts for over a decade. We understand how important data privacy and security are to retaining the trust and confidence of your clients.
It is important to note that the document on this page is not KIDATU’S privacy policy. It is a statement designed to display KIDATU’S best practices and integrity. For details of the privacy policy please visit Terms & Conditions > Kidatu
This document outlines the policies and procedures that Kidatu employs to maintain data protection compliance and security.
Lawfulness: Kidatu processes the personal data of its subjects with the express intention of providing a smooth and efficient customer experience for those taking part in its conference call platforms. All the data which KIDATU processes is dealt with fairly and lawfully. Should the subject wish to make a data access request, KIDATU has procedures in place to honour this promptly and efficiently according to current ICO standards.
Data accuracy: Kidatu’s long experience in the industry means that we appreciate how important it is to convey precise information in legal proceedings. Our staff are trained to a high standard to ensure that accuracy is always maintained. Any information held by KIDATU found to be inaccurate will be amended as soon as possible upon request.
If you wish to make a data access request or have any other query concerning data protection or how KIDATU uses your data please email: GDPR@kidatu.co.uk
Accountability: KIDATU is committed to the data protection principle of accountability. All data processing within the organisation is undertaken by staff who understand the importance of privacy. Regarding your personal data, they are accountable under the terms of their employment, the rights and standards expected in the KIDATU staff handbook, and the accountability requirements of His Majesty’s Courts and Tribunal Service. These standards are overseen by a dedicated compliance officer who ensures KIDATU remains compliant with the required standards.
| Physical security | All offices and storage areas are protected by an electronic swipe card on the exterior doors and all individual offices have additional locks. |
| Electronic pass and key controls | All electronic key cards issued by KIDATU or its landlord are logged and can be digitally deactivated at any time. |
| Data subject security | All data subject information is held in a tier 1 datacentre |
| Equipment access | All equipment that has access to personal data or sensitive company data of any kind can only be accessed by designated admins. |
| Software and Applications | Pc’s and laptops in use all have minimum of Windows 10 with security updates downloaded and installed automatically. New Applications can only be installed via admin privileges. |
| Network access | Computer logins are controlled by Active Directory so only allowed users can log onto the PC’s and log on can be blocked at any time if required. A password policy is used which forces passwords to reach the minimum requirements and to be changed regularly. Access to any online applications is made via HTTP’s secure internet browsers. Internal software and systems can only be accessed when connected to the Kidatu’s secure network. |
| VPN access | All remote employees can only access internal company applications and systems through a secure encrypted VPN. |
| Encryption | All data stored on our servers are encrypted and our domain controllers have bitlocker to ensure all data contained on them is securely encrypted so can not be viewed by anyone other than employees with account access. |
| System Updates | All Pc’s are kept up to date with windows security updates. Our firewalls have firmware patched and updated whenever a new update is available to ensure security is kept to a maximum. |
| Data Backups | All our data is backed up daily and stored on a separate drive. We also have a backup domain controller and server at different locations in case of outages. |
| Website | Our website has an up-to-date SSL certificate which means data transfers are secure and encrypted. For admin access to the website, we have password requirements. When new logins occur, we receive an email confirming the IP address that has just logged on and if suspicious, we can change passwords and log them out. |
| General | All our networks are protected by our firewalls and any internet access is controlled by an antivirus software which restricts types of traffic and URLs. This antivirus software runs regular |
