Data Protection Policy and Services

Driftrock puts Data Protection and Information Security at the core of everything we do. This is a quick summary of our Policies and Solutions that govern how we protect data for our Clients. If you would like to read the full Privacy Policy, then it can be found here

A trusted partner for both clients and end consumers
While our software helps brands with their digital advertising, the adverts they produce reach end consumers. Working with Driftrock should not affect the information security of either our clients or the end consumers they reach. 

In order to maintain the best possible Information Security standards across our organisation, we have chosen to operate an Information Security Management System to meet the requirements of the international standard for Information Security, ISO27001:2013. 

GDPR and Data Protection features
Driftrock has several product features and policies to help our clients stay compliant with GDPR and their own standards. You can read a full GDPR guide on these solutions here

Risk management
We operate a methodical risk management process for information security. This helps us track, measure and reduce risk to our clients and end consumers. Where possible, we advise clients on best practices to reduce risk. 

Data usage
Our technology and team process information from clients and end consumers. This data is kept segregated, and only used to fulfil the services we offer. This data is never used elsewhere, in any form. 

Team processes and policies
We ensure all our staff are trained on Information Security policies and procedures. New team members are given the training they require when they join the business, and any changes are communicated to the existing team. 

Key staff
Where possible, we limit access of information to only those team members who need access in order to fulfil the services we offer. We have procedures in place to remove access to data when no longer necessary, or people leave the business. 

Advertising Policies
Our software and services are designed to meet the requirements of advertising policies set by the platforms we work with.

Continuous improvement
We constantly look to refine and improve our Information Security objectives and procedures. These are defined and monitored throughout the organisation, and regularly reviewed to identify opportunities for continual improvement.