Data

Chesnara maintains a business continuity plan (BCP) that makes sure recovery and continuity of all critical services will be achieved within an acceptable time frame. 

The plan is regularly reviewed and tested at least once a year. 

The Group has no appetite for any critical business services being unavailable in each of its business units beyond what local management consider acceptable.

Cyber risk means any risk of financial loss, disruption or reputational damage to customers or any part of the Group as a result of our information technology systems. This includes digital technologies, devices and media. Responsibility for cyber risk extends beyond the IT team and preventing any risk is a Group concern.

The Company has an Information Security Policy Framework that features policies on all topics relevant to protecting and keeping safe the Company and UK based employees’ information and IT assets. This includes the legal requirements of the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, introduced in May 2018. 

Personally identifiable information is only collected where it is specifically and knowingly provided. However, our web server does collect basic information, such as the visitor’s internet service provider's domain name and the pages accessed and when, during a visit to the site. This information is used to analyse the use of our website to help guide improvements.

The Group does not accept poor data quality as a reason for a material misstatement of financial or non-financial information to customers, shareholders, regulators or public bodies. The approach to data quality complies with all relevant regulation, including data sourced and managed both internally and through our Outsourced Service Providers.

The Company has an Information Security Policy Framework that features policies on all topics relevant to data security, protecting against any material loss of and/or unauthorised or illegal access to confidential personal or business data.