Compliance

Arctic Shores is proud to comply with the GDPR and Data Protection Act 2018, as well as other regulations and laws that impact our business.

Arctic Shores is ISO 27001 certified. We have a mature information security management system in place to ensure that the appropriate controls to protect your information are implemented within the business. ISO 27001 compliant policies and procedures ensure all your data is treated appropriately, securely and in line with business requirements, laws and regulations. These policies are reviewed on an annual basis, or when a significant change occurs.

Our risk management framework defines our assessment and treatment of information risks within the business, in line with the ISO/IEC 27001 standard. Risk assessments are carried out by the Data Protection & Information Security Manager at regular intervals, in line with the Internal Audit Schedule. All risks are logged in the Risk Register.

We conduct risk assessments on all third party vendors we engage with, to ensure data security and privacy. Our third parties have relevant certifications and privacy controls in place to protect your data. The third parties inside and outside of the EEA have GDPR compliant contracts in place to allow compliant transfers of data.