|Last updated January 1st 2018|
One of the primary purposes of cookies may be to provide a convenience feature to save you time. For example: if you enter data into a web page or navigate within our the web service a cookie helps the the web service to recall your specific information on subsequent visits. This simplifies the process of delivering relevant content, eases site navigation and so on. When you return to the the web service the information you previously provided can be retrieved so you can easily use the web service features that you customized.
Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies you may not be able to fully experience the interactive features of this or other web services you visit.
To control your cookies using Internet Explorer 6 or 7: from the top menu select "Tools" and then "Internet Option". Click on the "Privacy" tab and adjust the vertical slide bar to "Medium" and press the "Apply" button. Click on the "Advanced" button and clear the "Override automatic cooking handling" box - it needs to be clear to use the web service in an effective way. Click the "OK" button. As an extra option you may click on the "Edit" button and enter "ties.oncrm.co.uk" and press the "Allow" button.
|Business documents are created to be sent to customers and suppliers. It would be illegal for business documents to the copied or printed and stored in a local office - unless the full security requirements can be provided and a data protection license obtained.|
Directive 6 states that data must be processed in line with peoples rights - that means at least password protection to prevent access by unauthorized people. Where data such as a cover note is printed or stored on a local computer, password data security can be bypassed by simply taking the hard disk and connecting it to a different computer - this is not adequate and fit for purpose.
Directive 7 states that the data must be secure and this is generally interpreted as data must be encrypted and stored in a physical location where it cannot be stolen - 24*7 manned location with CCTV surveillence as a minimum. By storing data in document format it is not encrypted and such a breach of security is an illegal act subject to fines with those responsible being criminally liable and paying compensation to all clients whos data is not safe.
|European Union Directive 95/46/EC.|
It is a business requirement that this application service conforms with all applicable laws and regulations and is able to defend its legal status with a fully documented audit trail.
ITIL standards define that each application service design is reviewed by qualified security people to verify its compliance with generally accepted best practice, regulation and legal obligations. Changes shall be made to deliver a service that is decent and does the right thing, while removing anything that may be illegal, unfair or unreasonable. Legal obligations override all other business requirements.
The European Data Protection Directive defines eight directives that are business requirements and must never be violated, questioned or ignored - its the law.
Where any person is asked to do something that may violate any of the eight directives, then they should report the dilemma to the Information Security Manager who must work with the application owner to resolve the issue and stay legal.
|LeXica Ltd store data in several encrypted databases in physically very secure data centres in the UK in accordance with data protection registration number PZ9322564. LeXica Ltd do not store any client data on any computer that could be stolen or lost. LeXica Ltd strongly recommend to all business associates that no client data should ever be copied or saved onto a local computer that may be stolen or lost - such action would be illegal under European law.|
|On 25 Jan 2012 the European Commission unveiled a legislative package to establish a unified European Data Protection Law. The package included a "General Data Protection Regulation" that will be directly applicable in all 27 member states. The sanction in the case of a breach of the EU Data Protection Law is a penalty of up to 2% of world wide turnover - any data leak or security breach must be reported to authorities and all clients within 24 hours..|