We are committed to compliance with personal data laws and the protection of the rights and freedoms of individuals whose information we collect and process in accordance with GDPR.
It is important to note that some elements of the legislation are still under consultation or guidance is still being issued so at the moment no organisation can state that it is fully GDPR compliant.
SBS is contacting partners, suppliers and subcontractors to obtain evidence of their compliance but we understand everyone is in the same situation and working to the deadline, so request that extra time is given for this element of the legislation.
SBS has performed full risk assessments on all systems and are working through any areas identified for improvement, but are fully confident we have not uncovered any serious threats.
SBS keeps a non-conformance log of any threats and carry out root cause analysis of all incidents, large or small, and devise immediate and long-term corrective actions.
SBS takes data protection very seriously. The systems we use to store customer data have secure access controls, they are password protected with varying levels of access to sensitive information. We have a comprehensive business continuity and disaster recovery plan in place. SBS staff are required to adhere to strict access controls including the physical security.
The SBS Environmental and Information Security policy is available on request.