Skip to content

Security statement

At Ipsum, we are committed to protecting the confidentiality, integrity, and availability of all data entrusted to us. Our approach to security is rooted in transparency, compliance, and the implementation of industry-leading practices to safeguard your information.

Our commitment to security

Ipsum has implemented a comprehensive Information Security Management System (ISMS) aligned with the principles and controls outlined in ISO/IEC 27001:2022, Our commitment ensures that we:

  • Protect data from unauthorised access, alteration, and destruction.
  • Maintain operational continuity and resilience against cyber threats.
  • Comply with all applicable data protection laws, including the UK GDPR and the Data Protection Act 2018.

Security measures

To ensure the highest level of protection, we employ a range of technical, organisational, and procedural controls, including but not limited to:

  • Encryption: All sensitive data, including personal information, is encrypted both in transit and at rest using industry-standard protocols. Our website enforces HTTPS to ensure secure communication between users and our servers.
  • Secure Website Practices: Ipsum.co.uk is continuously monitored and maintained to safeguard against vulnerabilities. Regular security updates, patches, and audits are conducted to keep our website secure.
  • Access Controls: Role-based access ensures only authorised personnel can access sensitive information stored on our systems.
  • Data Handling: Any personal data collected through our website is handled in compliance with the UK GDPR and Data Protection Act 2018, ensuring secure processing, storage, and deletion as required.

Compliance and certifications

We adhere to all applicable security and privacy regulations, including the UK GDPR, Data Protection Act 2018, and industry-specific compliance standards. Ipsum is ISO/IEC 27001:2022 certified to ensure continued alignment with the latest best practices.

Third-party security

Any third-party vendors, partners, or subcontractors engaged by Ipsum undergo rigorous security and compliance assessments to ensure they meet our security standards. All third parties are contractually bound to protect any shared data in accordance with our policies and applicable laws.

Your responsibilities

Whilst Ipsum implements robust security measures, we also recommend that users adopt safe online practices, including:

  • Using strong, unique passwords along with MFA for all accounts.
  • Ensuring that devices used to access our services are secure and up to date.
  • Reporting any suspicious activity or security concerns to us immediately.

Reporting security concerns

If you identify a potential security vulnerability or have concerns about the safety of your data, please contact our security and compliance team at GDPR@ipsum.co.uk. We take all reports seriously and are committed to swift action.

Update to this statement

This Security Statement is subject to annual review and may be updated to reflect changes in our practices, technologies, or regulatory requirements. We encourage users to review this page regularly.

As the CEO of Ipsum, I am fully committed to upholding the principles outlined in this Security Statement. Protecting the confidentiality, integrity, and availability of information is at the core of our operations and reflects our dedication to providing a secure and trusted environment for our customers, partners, and employees. I personally endorse this Security Statement and expect all members of the Ipsum team to adhere to the measures and policies set forth to maintain our high security standards.