Data Protection PolicyWeThrive's approach to data protection and data privacy
Information Security PolicySummary of all written information security policy elements
Information Classification PolicyDefines the information classification levels used relating to the confidentiality/integrity/ availability of information
Data Subject Rights Request PolicyDefine steps taken when a data subject exercises rights granted under the Data Protection Act 2018/GDPR
Information Transfer PolicySecure information transfer policy applicable to employees and third-party processors of company information
Incident Reporting ProcessFramework for reporting data protection incidents for all employees at WeThrive
Due Diligence ProcedureSuppliers who process personal data assessed to ensure compliance with data protection legislation and data security
Data Protection Impact Assessment (DPIA) ProcedureOutlining the procedure for completing Data Protection Impact Assessments
Acceptable Use PolicyRules related to the acceptable use of organisational information assets by staff, contractors, and third parties
Access Control PolicyPolicy to to implement strong access control measures across WeThrive’s network, information systems and premises
Password PolicyGuidance for creating strong passwords & details on the protection of those passwords
Security & Data Protection
APD for the Processing of Special Categories of Personal Data and Criminal Offences DataAppropriate Policy Document for the Processing of Special Categories of Personal Data and Criminal Offences Data