Security Statement

Here at summ.it we give the security of the Hub and the data stored within it our utmost priority.

We appreciate that in today’s fast moving technological environment, clients want to know that as much as possible is being done both reactively and proactively to manage the risk of cyber-crime, malicious uploads and data leakage – giving them peace of mind that their use of the Hub is as safe and secure as possible.

To this end, we take the following robust measures;

  • We employ Amazon Web Services EU (AWS) for hosting the Hub, with all data held on GDPR compliant, firewalled European servers;
  • We encrypt the data stored on the Hub using AES-256 for both database and file encryption on a “per-business” basis;
  • Uploaded file data is encrypted by the Hub application before it’s transported, and all data is transported via HTTPS;
  • We employ impartial cyber experts, who are GDPR and GCHQ Accredited, to regularly Penetration Test the Hub with ongoing Vulnerability Testing to ensure that the Hub, the data stored within it and the Amazon hosting servers are as secure as possible;
  • We act immediately and remedy any suspected cyber wrongdoing or attempts to hack our system;
  • Likewise, summ.its core IT infrastructure is designed to be Cyber Essentials compliant, with rigorous Cyber Essential Accreditation to further increase the resilience of summ.it systems.
  • We have Cyber Insurance cover, providing £1m of cover.

If you have any questions regarding security or would like access to recent testing reports, don’t hesitate to contact us at: hub@summ.it

At Summit we take your privacy and security seriously and will only use your personal information to administer your account and to provide the services you have requested from us.

We use your email address as part of allowing you access to your account and in order to contact you with important information about any changes to your account.

We will never sell your data and we promise to keep your details safe and secure and strictly adhere to the principles of General Data Protection Regulation GDPR)

Your Personal Data

What we need

Summit Assist LLP will be what’s known as the ‘Controller’ of the personal data you provide to us. We only collect basic personal data about you which does not include any special types of information or location based information.

Why we need it

We need to know your basic personal data in order to provide you with Summit’s services. We will not collect any personal data from you that we do not need in order to provide and oversee this service to you.

What we do with it

All the personal data we process is processed by our staff in the UK however for the purposes of IT hosting and maintenance this information is located on servers within the European Union. No 3rd parties have access to your personal data unless the law allows them to do so.

We have a Data Protection regime in place to oversee the effective and secure processing of your personal data.

How long we keep it

We are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time it will be destroyed if no longer required.

What are your rights?

If at any point you believe the information we process on you is incorrect you request to see this information and even have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, please email neil.smith@summ.it and we will investigate the matter.

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).