Speak to our HR experts on 0844 327 2293

Data Protection Compliance

AdviserPlus complies with the UK GDPR and the Data Protection Act 2018.

AdviserPlus is committed to security best practice and already complies with industry standards, such as ISO27001:2022 and Cyber Essentials Plus. These certifications are subject to internal review and external assessment and we routinely review our security objectives to ensure we operate with the highest security standards.

How does AdviserPlus comply with data protection laws?

To comply with data protection laws the following actions have been completed or are part of ongoing compliance:

  • Independent Review
    AdviserPlus engaged an external data protection consultancy to perform a review of operations and actions taken to ensure our compliance with data protection laws.
  • Policies and Procedures
    Policies and procedures were reviewed and updated to address new requirements and are regularly reviewed and refreshed.
  • Supplier Review
    We reviewed all our supplier relationships to ensure we fully understand data flows and have the appropriate data contracts in place.
  • Culture and Training Awareness
    We have embedded data protection compliance as part of our culture throughout the business through mandatory data protection awareness sessions and regular updates to employees.
  • Customer Consultation and Engagement (as Data Processor)
    We consulted our customers and worked with them to support them with data protection requirements. On an ongoing basis we provide assistance with data flow maps, privacy impact assessments, approval of sub-processors / third parties, and data retention requirements.
  • Privacy Notices
    Our privacy notices comply with data protection laws and our websites display them.
  • Data Protection Policy
    We updated our Data Protection Policy and issued appropriate guidance to all employees.
  • As Data Controller
    For processing of personal data as a data controller, we reviewed and updated data retention periods and reviewed controls of internal systems and procedures.
  • Ongoing monitoring is performed to ensure compliance with the requirements of the regulations.

For more information about how AdviserPlus with data protection laws please contact our Data Protection contact at dataprotection@adviserplus.com.

Updated on 28/2/2025