Veremark have the legally required technical and operational safeguards to protect the data. From a technical perspective we are audited against the following standards; ISO 27001 (Information Security Management), ISO 27701 and BS 10012 (Privacy Management), ISO 27018 (PII in the Cloud) and SOC2 (Service Organisational Control). From an operational perspective we are audited against ISO 9001 (Quality Management), ISO 14001 (Environmental Management), ISO 22301 (Business Continuity Management). Veremark acts only on the requests of the data controller, a communication which is transmitted electronically and form part of the audit trail. All data stored has TDE encryption at rest, preventing use outside of an authorised process chain.