Often when submitting an application or tender with a 3rd party, Nesta will need to provide a statement ensuring we meet data protection standards set by the government or other parties. Our standard response to these questions can be found below:
Nesta is committed to ensuring its compliance with the requirements of all relevant Data Protection legislative and regulatory requirements. All Nesta staff are obliged to comply with our data protection policy and its appendices and any staff guidance issued when processing Personal Data on Nesta’s behalf. These policies include guidelines for data sharing, risk management, record keeping, and incident management to ensure proper handling of all personal data. Furthermore, Nesta has implemented a number of systems to ensure data is secure at all times. These systems include identity management, device management, encryption, security policy management, patch management, endpoint protection, and data loss prevention tools.