Super Records is an ISO 27001-certified company and is committed to ensure the safekeeping and collection of personal information.
Collection of Personal Information
Super Records does not contact your clients directly or indirectly. Any client information is collected via the Accounting or Financial services firm.
The information we are provided include:
- Names, Address, DOB and POB
- Personal and Employment details
- Personal health, insurance & Financial information
- Financial information – such as income, expenses, superannuation and investment details
Use of personal information
Super Records provides the following types of services:
- Business Services
- Dedicated Resource Accoutants
- Payroll Services
The collection and use of personal information is only to facilitate one or all of the above services to your firm as requested by you.
Super Records only uses personal information for the purpose(s) for which it was given to us and for directly related purposes (unless otherwise required by or authorised by law) or as consented to by you or your firm.
Disclosure of personal information
Super Records will only provide the information to their staff that relate specifically to the jobs requested by your firm.
The information will not be provided or sold to other institutions. If there is a legal situation, the information may be provided in accordance to the law.
Storage and Data Security
Super Records stores all the data electronically on secure servers. Our servers are located in Amazon data centers having globally hosted at sites in the United Kingdom.
We have takenthe necessary measures to ensure our data integrity is not compromised. The data is stored for 10 years for compliance, auditing purposes and removed thereafter.
Our secure delivery centre is equipped with the latest technology, infrastructure and dedicated technical staff to ensure our working environment has complete reliability and security for our clients’ data.
We are an ISO 27001-certified company, this means our offices and systems are on par with international best practice for information security management.We do not use third party contractors to complete any work.
Biometric scanners and access cards are required to enter our offices.Only authorised personnel are allowed to enter the office and processing centre. Physical documents, books and other devices are prohibited in the processing centre. The entire office is monitored by CCTV. All PC’s are desktops running a ‘dumb terminal system’. Ability to save and store data on the PC is disabled. CD Rom and other drives (USB) have been removed. Access to physical/removable drives (external hard drives) have been disabled. Printers and scanners are also not available within the processing centre. Staff are required to keep personal belongings including bags, books or mobile devices in secure lockers provided outside the main processing centre.
Internet activity is heavily controlled with websites required to be added to a “whitelist” before they can be accessed. Staff are unable to access personal emails from the office and work emails are unable to send data outside the office. Our intranet, internal portals, software and sites have IP Authentication in place so that no one can access these records outside our office premises. Access to our internal software is password protected with strength measurement. Passwords are also required to be updated on a regular basis. All terminals include screen snapshots and are regularly audited to ensure staff are following security guidelines. All our terminals and servers are installed with firewalls, antivirus software, intrusion detection software and prevention systems to minimise any exploits or attacks. Our security software is kept updated at all times and when required. All PC’s within our organisation have an auto-lock feature to ensure PC’s are not kept unlocked. Wireless connections are prohibited within our back-office in India.
Access to personal information
Your firm and staff can access the personal information that you provide. Super Records will take the necessary steps to identify that you are a client of Super Records before they provide the information to you.
If you have any questions regarding this information, please feel free to get in touch with us.