CM Beyer Limited · Company No. 17009212 sales@cmbeyer.co.uk
Privacy Terms Support Contact

How we keep your data safe — a plain-English summary

01 April 2025 Group News

The detail on this sits in our Information Security Policy. This article is the 3-minute summary — what the controls are, why they matter to you, and what you can do at your end.

Encrypted in transit and at rest

Every connection to credicorp.co.uk and the customer portal uses TLS 1.2 or higher. The data we store is encrypted on disk. Sensitive items like third-party API keys are encrypted with an additional, separate key.

Multi-factor authentication on staff accounts

Every Credicorp staff member who can see customer data has to authenticate with both a password and a second factor (an authenticator app or a hardware key). Sensitive operations like overrides or deep-data exports require a re-authentication that expires after a short window.

Role-based access

A Collections agent cannot see the Settings tab. A Read-only auditor cannot mutate any record. Access is granted on a need-to-do-the-job basis and is reviewed regularly. Every staff view of customer data is audit-logged with the colleague’s name and timestamp.

Hosted in the UK

Customer data is stored on UK-based infrastructure. We do not move customer data outside the UK / European Economic Area without an explicit data-protection assessment and a Standard Contractual Clauses agreement in place.

72-hour breach notification

If we ever experience a confirmed personal-data breach that is likely to result in a risk to affected individuals, we notify the Information Commissioner’s Office within 72 hours of becoming aware. If the risk is HIGH, we contact the affected individuals directly. We maintain a breach register for every confirmed breach.

What you can do at your end

  • Turn on multi-factor authentication on your portal account when prompted.
  • Use a unique password for the portal — a password manager makes this easy.
  • Tell us immediately if you suspect your account has been accessed by someone else (write to security@credicorp.co.uk).
  • If you receive an email or SMS asking you to log in via an unexpected link, do not click it — always type my.credicorp.co.uk into your browser directly.

Security is a partnership. We do the heavy lifting on infrastructure; you do the heavy lifting on access. Working together makes the whole picture stronger.

Filed under: Group News

Support

Support Center Submit a Form Contact Page
Quick Message
Knowledge Base · Cookies · Privacy