INFORMATION SECURITY & CONFIDENTIALITY

Our Approach

We regularly support global organisations operating in highly regulated environments where communication accuracy, confidentiality, and operational resilience are critical.

Protecting commercially sensitive information is an important part of how we work.

Information Security

We maintain technical and organisational measures designed to support secure working practices across the business.

Our approach includes:

  • Secure cloud-based collaboration and storage platforms

  • Controlled access to project materials

  • Two-factor authentication (2FA)

  • Encrypted connections and secure remote access

  • Backup and business continuity measures

  • Contractor onboarding and confidentiality agreements

  • Redundancy across core systems and connectivity

Production materials and project files are stored using secure systems with controlled access permissions appropriate to the nature of the work.

Our IT and data security approach is aligned to Cyber Essentials principles and controls.

Production Data & Project Files

Production materials and project files are held in secure systems with controlled access permissions.

For film and production work, we may use Google Workspace, Google Drive, Frame.io, internal servers, and other appropriate production systems.

Secure remote access and encrypted connections are used for the transfer and handling of sensitive production materials where appropriate.

Our data storage approach follows secure backup principles across multiple locations and environments.

Data Protection

We Are Toucan Ltd complies with:

  • UK GDPR

  • Data Protection Act 2018

  • Privacy and Electronic Communications Regulations (PECR)

We are registered with the Information Commissioner's Office (ICO).
ICO Registration Reference: ZB918267

Operational Resilience

We maintain backup and continuity procedures designed to support operational reliability and minimise disruption.

Our data storage approach includes secure backup principles across multiple locations and environments.

We maintain redundancy across core systems and connectivity to support continuity of service.

Insurance

Appropriate cyber, professional indemnity, public liability, and employer liability insurance is maintained.

Working with Freelancers & Partners

We work with a trusted network of freelancers and specialist partners where appropriate.

Access to project materials is controlled and governed through onboarding procedures, confidentiality obligations, and contractual agreements.

Questions

If you would like more information about our approach to information security or confidentiality, please contact:

hello@wearetoucan.co.uk