Information Security Statement

About Us

Call Handling Services Ltd (‘CHS’) is committed to protecting the confidentiality, integrity, and availability of information processed through our services. As a provider of cloud-based communication and contact centre solutions, we recognise that maintaining strong information security and service quality is fundamental to the trust placed in us by our customers.

Our approach to information security is integrated within our Business Management System (BMS), which aligns with internationally recognised standards including ISO 27001 for Information Security Management and ISO 9001 for Quality Management.

Commitment to Information Security

CHS maintains policies, procedures, and technical controls designed to protect customer data and ensure secure and reliable service delivery. These measures are intended to manage information security risks while supporting the delivery of high-quality services to our customers.

Our information security objectives include:

Protecting customer and company information from unauthorised access, disclosure, alteration, or loss;
Maintaining the availability and reliability of services delivered through our cloud platforms;
Ensuring that personal data is processed in accordance with applicable data protection legislation including UK GDPR and the Data Protection Act 2018;
Maintaining appropriate security controls to mitigate risks to information assets;
Continually improving our information security management practices.

Security Governance

Information security governance at CHS is overseen by senior leadership and supported by defined roles responsible for risk management, compliance, and operational security.

The Board of Directors provides overall oversight of the organisation’s information security and quality objectives, ensuring appropriate resources and strategic direction are maintained.

Operational responsibility for implementing and maintaining information security controls is supported by technical and compliance leadership within the organisation.

Security Controls and Risk Management

CHS operates a risk-based approach to information security, implementing appropriate technical and organisational safeguards to protect information assets.

These controls include measures such as:

Encryption of data in transit and at rest;
Role-based access controls and multi-factor authentication;
Secure administrative access controls;
Network security and infrastructure segregation;
Vulnerability management and monitoring;
Incident detection and response processes.

Security controls are regularly reviewed to ensure they remain effective against evolving threats and operational risks. Independent assurance of CHS’ information security and quality management practices is provided through ISO 27001 and ISO 9001 certifications and Cyber Essentials Plus accreditation.

Personnel Awareness and Training

All CHS personnel are expected to support the organisation’s information security objectives. Employees, contractors and authorised users receive training and guidance on information security and data protection responsibilities relevant to their roles.

Personnel are required to comply with internal policies and procedures designed to protect information assets and maintain service quality.

Supplier and Infrastructure Security

CHS works with carefully selected suppliers and infrastructure providers to support the delivery of its services. Appropriate due diligence and contractual safeguards are applied to ensure that third-party providers meet security and data protection requirements.

Monitoring and Continuous Improvement

CHS continually monitors the effectiveness of its Business Management System through activities such as internal reviews, performance monitoring, and external certification audits.

Customer feedback, operational monitoring and risk assessments are used to identify opportunities for improvement and strengthen security and service quality practices.

The organisation remains committed to ongoing improvement of its information security management practices to support secure, reliable and high-quality services.

Governance, Review & Approval

This statement reflects CHS’ commitment to maintaining effective information security and quality management practices.

The policy framework supporting this statement forms part of the CHS Business Management System and is subject to regular review by senior leadership.

This statement is approved by the Board of Directors and will be reviewed at least annually, or sooner to reflect evolving technologies, regulatory requirements, or operational practices.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Product

Product

Product

Information Security Statement

About Us

Commitment to Information Security

Security Governance

Security Controls and Risk Management

Personnel Awareness and Training

Supplier and Infrastructure Security

Monitoring and Continuous Improvement

Governance, Review & Approval