Please be aware that this document is still a work in progress and will be changing regularly over the coming weeks. Last Updated 17/04/2018.
Our services are stored across internal and external data centres (see below).
Please note shortly we will have downloadable documents specific to each service ie off site back up/ hosted email/ web hosting.
UK Datacenter(s): Yes | iomart, ISO 27001 and 9001 certified and secured to UK government IL4 standards. With multi-factor access control, 24/7 onsite roaming security and CCTV
Internal Data Storage: Yes | Ahead4 Limited Premises' are located in the UK. Data is stored in a secure building with restricted user access, full CCTV cover, fire and intruder alarms with 24/7 security. Data only transmitted over secured VPN and IP's.
External Data Storage: Yes | Data only transmitted securely to select third parties with full data security practices: Google, MailChimp, Digital Ocean, Stripe, GoCardless, Namecheap, Nominet, DomainBox, GitHub, OpenSRS / Tucows, Signable.
Data Ahead4 Limited Host or Hold | We hold the following personal information internally on our intranet systems:
- Title, First Name, Last Name
- Address, Billing Address, and Postal Code
- Landline, Mobile Phone
- Payment Method
- Transactional payment information, such as card details will be held with either WorldPay, Stripe, Paypal, GoCardless or Barclays
Please note when our engineers work remotely/ on site or in one of the workshops on your computer they may be exposed to your data for short periods of time.
We have the below standards in place:
Ahead4 Limited use a compulsory signed document for existing and new staff, acknowledging all staff of the organisation understand data security and privacy and treat all data very seriously
Out of Hours
During this period Ahead4 Limited use stepped up security procedures to ensure peace of mind for both our customers and our internal systems. Areas of our internal system are locked out and in some cases, IP’s are blocked altogether preventing remote access.
On rare occasions we must transfer data drives whether contained within hardware or via a personal passport drive, backup drive or USB stick. We take your personal data very seriously and only authorised staff members are to access the data contained.
Sometimes when we carry out repairs of a device or upgrade internal storage hardware (e.g. from a Disk Drive to a Solid State Drive) an engineer upon request can back up your data; of which we hold up to an absolute maximum of 3 months / 90 days. If a customer doesn't retrieve data from the drive(s) using their own backup solution or the data is no longer needed an engineer will format the drive(s) and the will be data destroyed.