Our team has worked for the last 10 years building value for organisations from data on participants, members and activities, covering over 17 million personal records and 950 million program and facility visits. Data security is our single most important priority at all times. We provide the following 5 commitments to every partner organisation we collaborate with...
No delivery organisation ever sees or accesses another source organisation’s data unless explicitly permitted. No individual or organisation outside of ActiveXchange's immediate data team has access to data unless explicitly permitted.
In addition, ActiveXchange is and will remain independently owned. We collaborate with a number of sector steering groups to guide our developments.
No personal data is ever used to contact an individual (ActiveXchange typically do not require or request contact data fields).
The administration or delivery body always remains the Data Owner and can request that data sharing is terminated and account deleted at any stage.
ActiveXchange commits to supporting all partner organisations involved in the initiatives we manage to maximise the value of intelligence generated - if you do not benefit, we do not expect your data to be provided.
This is of critical importance to ActiveXchange. Wherever possible data transfers are managed over a dedicated, secure, password protected FTP server (private online folder system) or a direct API transfer, working closely with your existing third party member management system. ActiveXchange uses the latest Microsoft database software to store data, utilising Microsoft's latest data security features with all data hosted in the country of origin. In addition, ActiveXchange monitor all database access, which includes the use of static IP access (databases can only be accessed from specific computers/ terminals) and the use of VPN protocols to ensure our internal approach to working with your data is always controlled and follows best practice. Our IT and Data Security Policy is regularly reviewed.
All accounts are password protected using Auth0's authentication system.
Our IT and Data Security Policy is regularly reviewed, we have an in-house experienced and qualified Chief Information Officer, and a Non-Executive Cyber Security Director to provide oversight on processes and data governance policies.