Data Security Policy

At Zomi Communications Limited (incorporating The Gravitas Programme®, Leading with Gravitas® and Antoinette Dale Henderson brands), we recognise that integrating Corporate Social Responsibility (CSR), Environmental, Social and Governance (ESG) and Sustainability principles into our business operations is essential to building a sustainable and responsible company.

Purpose

Zomi Communications Limited is committed to maintaining the highest standards of data security to protect personal, sensitive, and business-critical information. This policy outlines the measures and responsibilities in place to safeguard data from unauthorized access, disclosure, loss, or misuse.

Scope

This policy applies to:

  • All personal, client, and business data handled by Zomi Communications Limited.
  • All systems, networks, and storage solutions used by the company.
  • All employees, contractors, associates, and third-party service providers engaged in company operations.

Data Security Principles

  1. Confidentiality: Only authorized individuals may access data relevant to their role.
  2. Integrity: Data must remain accurate, complete, and protected from unauthorized modification.
  3. Availability: Data must be accessible to authorized personnel when required for business operations.
  4. Accountability: Individuals accessing data are responsible for compliance with this policy.

Security Measures

1. Access Control

  • Access to data is limited to the Managing Director and authorized contractors who require it to perform their duties.
  • Strong, unique passwords and multi-factor authentication are used where possible.
  • User access is reviewed periodically and revoked immediately when no longer required.

2. Data Storage & Encryption

  • All digital data is stored on password-protected and encrypted systems.
  • Backup copies are maintained securely and regularly updated to prevent data loss.

3. Contractor & Associate Responsibilities

  • Contractors and associates are required to handle data securely, follow this policy, and report any suspected breaches or vulnerabilities.
  • Confidentiality agreements are in place where appropriate.

4. Device & Network Security

  • Devices used for business purposes are protected with antivirus software, firewalls, and encryption where applicable.
  • Wi-Fi networks used for company operations are secured with strong passwords.

5. Incident Response & Breach Management

  • Any suspected or actual data security breach must be reported immediately to the Managing Director.
  • Breaches are investigated promptly, mitigated, and, where required, reported to regulatory authorities, in line with GDPR and best practice standards.

6. Continuous Monitoring & Review

  • Data security practices are monitored regularly to identify vulnerabilities and ensure compliance.
  • This policy is reviewed at least annually, or sooner if there are significant changes to technology, operations, or legislation.

Our Focus

Through The Gravitas Programme and Antoinette Dale Henderson brands, Zomi Communications Limited:

  • Protects the confidentiality, integrity, and availability of all data.
  • Ensures contractors and associates are aware of and adhere to best practice security measures.
  • Maintains compliance with UK data protection laws and GDPR.
  • Promotes a culture of security awareness across the organization.

Governance & Responsibility

  • Managing Director: Antoinette Dale Henderson is responsible for enforcing this policy, monitoring compliance, and responding to incidents.
  • Contractors & Associates: Required to comply with the policy, report incidents, and maintain security of all data handled.

Signed:
Antoinette Dale Henderson
Managing Director and Founder
Zomi Communications Limited

This policy is effective as of January 21, 2025.

Scroll to Top