In today’s digital age, keeping data secure isn’t just important; it’s essential. With the amount of confidential and commercially sensitive information in circulation, companies must take every possible step to safeguard customer data. At Mi Hub, we place top priority on protecting customer data across all of our brands; Yaffy, Dimensions, Alexandra, and Affinity. We comply with the UK General Data Protection Regulation (GDPR) and adhere to best practices in cyber security to ensure the protection of data.
Here's a breakdown of how we approach data security and GDPR compliance with the highest standards and care.
Our data processing systems are built with advanced security measures that ensure the confidentiality, integrity, availability, and resilience of personal data. We protect data from prying eyes by using encryption and access controls, which work to secure information both in transit and when stored. Only authorised personnel can access sensitive information, adding an extra layer of protection. And with regular software updates and security patches, we stay ahead of potential vulnerabilities that could otherwise put data at risk.
Transparency and control are key to our data protection approach. When we collect data, individuals receive clear information on how their data will be used. Our processes make it easy for data subjects to exercise their rights, such as accessing, correcting, or deleting their information, or even transferring it elsewhere. We have dedicated staff within our Data Protection Office who are on hand to respond quickly and efficiently to any data-related queries.
Our consent management system ensures that we record and respect the choices of our data subjects. Consent is sought in a clear and straightforward manner, ensuring that users are fully informed about the data they share. We also provide options for individuals to withdraw consent if they wish and regularly review and refresh our consent mechanisms to ensure compliance with GDPR requirements.
We manage data for our customers within the UK or the EU to ensure full GDPR compliance. By avoiding data transfers outside the EU, we uphold our commitment to secure data handling and processing.
Every data processing activity we undertake is documented carefully, covering the purpose, categories of data subjects, data types, recipients, and retention periods. This meticulous record-keeping, overseen by our Data Protection Officer (DPO), allows us to meet all GDPR obligations and keep our data handling practices transparent and accountable.
We continually evaluate our data protection measures through Data Protection Impact Assessments (DPIAs). These assessments help us identify any potential risks and allow us to put strategies in place to mitigate them. To reinforce our compliance, we also perform regular audits, ensuring that our systems and processes are up-to-date and secure.
A culture of security is built from the ground up. All Mi Hub employees undergo GDPR compliance and data protection training when they start, with refresher courses provided regularly. By embedding data protection into our workplace culture, we ensure our staff understands and adheres to our high standards.
We are prepared with a clear incident response plan as part of our Business Continuity Plans. This ensures prompt action to contain any breach, as well as notifications to the relevant authority and any affected individuals, as required by GDPR.
Finally, when data is no longer needed, we ensure that it is disposed of securely and in a timely manner. Our policies dictate that data is only retained as long as it’s necessary for its intended purpose, reducing unnecessary data storage and risk.
Our extensive measures ensure that Mi Hub maintains the highest standards of data security and privacy, providing peace of mind to our customers and setting a benchmark for cyber security and GDPR compliance. Whether it's personal data or commercially sensitive information, we’re committed to protecting what matters to you.