Most personal data we have is held in an electronic form. Where we do have hard copies of data:

• Only CSI Training and Events Ltd staff have access to these documents (unless legally required otherwise)
• They will be stored appropriately in a secure cabinet
• They will not be left unattended in view of others when they are out of storage
• No unnecessary copies will be made
• If transferring to an electronic database, we will dispose of the hard copy on completion
• When disposing of this data we will ensure it is shredded and disposed of appropriately

We take the following measures to ensure our stored electronic data is safe:

• Our devices have virus software installed
• Firewalls are utilised on devices
• Devices are password protected and only CSI Training and Events Ltd staff have these passwords
• Devices are not left unattended and logged into accounts where personal data is stored
• We use online systems that have their own privacy policies in place and conform to GPDR guidelines (Dropbox, Firebase, HubSpot, Mailchimp, Royal Mail, Stripe). Please see: https://csitrainingandevents.com/third-parties for more information
• Only CSI Training and Events Ltd staff have access to all accounts holding data
• Our website utilises malware monitoring and ID protect software
• We delete old or unnecessary data