Wise-Revise | UK GDPR & Data Protection Policy

1. Compliance commitment

Wise-Revise is operated with data protection controls designed to meet UK GDPR and Data Protection Act 2018 requirements. This statement summarises how compliance is governed in practice.

2. Governance and accountability

Data protection responsibilities are assigned at leadership level.
Privacy and security controls are reviewed as part of operational governance.
Compliance evidence is maintained through documented procedures and records.

3. Policies and procedures

Privacy notice publication and regular review.
Data subject rights request handling process.
Personal data breach triage, escalation, and notification process.
Processor due diligence and contractual control process.

4. Security controls (technical and organisational)

Encryption in transit; secure data storage controls.
Strong password and session security standards.
Role-based access and least-privilege permissions.
System monitoring, backups, and resilience controls.
Staff/admin awareness of secure handling practices.

5. Data processor management

Third-party processors are selected based on security and compliance suitability.
Data processing agreements or equivalent contractual terms are used.
Sub-processor and transfer risks are reviewed against UK GDPR requirements.

6. Data subject rights

Individuals can request access, rectification, erasure, restriction, objection, and portability where legally applicable. Requests are handled through a defined process and response timeframes.

7. Breach management

Security incidents are assessed promptly. Where reportable thresholds are met, customers and regulators are notified in line with legal obligations.

8. International data transfers

Where data is transferred outside the UK, appropriate safeguards are applied (for example contractual transfer clauses and risk-assessed processor controls).

9. School controller support

Schools using Wise-Revise as controller can request supporting compliance documentation, including processing scope, security posture summaries, and DPA terms.

10. Contact

For compliance questions, use your Wise-Revise support contact or your agreed service contact route.