Data Protection Compliance
Our stringent Data Protection procedures ensure that all personal data is treated in the strictest confidence. We adhere to all relevant laws and regulations:
- Data Protection Act 1998
- The Computer Misuse Act 1990
- The Copyright Designs & Patents Act 1998
- The Regulation of Investigatory Powers Act 2000
- The Human Rights Act 1998
- The Lawful Business Practice Regulations
We have built our multi-source consumer universe from fully Data Protection compliant databases available in the public domain. We adhere strictly to the eight Data Protection principles that require that personal data, including sensitive data, to:
- be obtained and processed fairly and lawfully and shall not be processed unless certain conditions are met;
- be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose;
- be adequate, relevant and not excessive for those purposes;
- be accurate and kept up-to-date;
- not be kept for longer than is necessary (N.B. retention of data for historical or statistical research is allowed under Section 33 of the Act);
- be processed in accordance with the data subject’s rights;
- be kept safe from unauthorised access, accidental loss or destruction;
- not be transferred to a country outside the European Economic Area unless that country has equivalent levels of protection for personal data.
Data Protection Registration
Our Data Protection Registration number is Z708281X. Authenticated: Data Protection Public Register.
Financial Conduct Authority
We are authorised and regulated by the Financial Conduct Authority (with consumer credit reference number 565961).
We operate a stringent Data Security policy, a copy of which is available upon request.
Code of Practice policy
We adhere to numerous code of practices set up by various professional membership organisations. Copies are available upon request and our compliance is assured by way of regular audit and annual declarations.
LexisNexis takes data security seriously and offers secure access with 128 bit encryption at no additional cost. Our robust systems ensure that our market leading web-based solutions remain operational to provide an extremely reliable service. Downtime is kept to an absolute minimum and whenever possible, major data upgrades and routine maintenance are processed outside normal business hours.
Our servers are hosted in state of the art data centres in Newport and London. The facilities provides climate control for optimum performance of all equipment, water detection, 24/7 security, power supply with UPS and a backup generator. The facility also benefits from very early warning smoke detection systems with fire extinguishing equipment.
Our Internet connection benefits from a BGP network which finds the fastest route to host. The connection will also automatically switch to our back-up upstream provider in the event that our primary should fail. Our network also has peers with most large internet service providers; our BGP system will select a peer if available.
Our network is secured using dual firewalls running in a high availability pair. The firewalls feature deep packet inspection, intrusion prevention, anti-virus protection; DoS attack protection capabilities for real time protection against today’s dynamic threats.
Our entire network is load balanced, providing unbeatable performance combined with true reliability. Systems will remain 100% operational even if the network suffers multiple hardware failures.
We use Dell servers; they have proven to be very reliable and great performers. Each of our servers is selected for high availability, incorporating dual processors, dual power supplies and hot swappable SCSI drives running RAID. Our policy is to maintain enough server processing power for our services usage to burst to 400% of its normal usage without losing any speed.
We use an advanced monitoring solution that allows us to quickly recognise problems and monitor performance.