Governance.

Policies, compliance & security.

Faretext embeds best practice into how we build, manage, and deliver services. Aligned with ISO 27001, ISO 9001, and Cyber Essentials Plus.

ISO 27001 aligned ISO 9001 aligned Cyber Essentials Plus ICO registered

Overview

Governance built on international best practice.

From day one, Faretext has operated with a clear commitment to responsible business practices. Our governance framework is built around internationally recognised standards, ensuring that information security, quality assurance, and regulatory compliance are embedded into everything we do.

Our policies cover data privacy, information security, quality management, environmental sustainability, and ethical business conduct. Every policy is documented, reviewed annually, and supported by staff training programmes that reinforce our commitment to continuous improvement.

Certifications

Standards we align with.

Standard Our Alignment
ISO 27001 Information Security aligned with ISO 27001 principles. Role-based access, MFA, encryption, and tested incident response.
ISO 9001 Quality Management aligned with ISO 9001. Continuous service improvement driven by KPIs, audits, and customer feedback.
Cyber Essentials Plus Cybersecurity practices aligned to Cyber Essentials Plus. Annual third-party penetration testing and vulnerability scanning.
ESG / Sustainability Environmental efficiency, ethical governance, and fair employment policies in place.

Data Privacy

GDPR compliant. ICO registered.

Faretext is registered with the Information Commissioner's Office (ICO) and fully compliant with GDPR and the Data Protection Act 2018. Data privacy is embedded into our platform design, our internal processes, and our contractual commitments.

ICO registration: ZA054854
Published policies: Privacy, Cookie, Anti-Spam, DPA in Terms & Conditions
Staff training: All personnel trained on GDPR, InfoSec, and data privacy
Controls: Role-based access, encryption in transit and at rest, retention schedules
Breach management: Documented detection, reporting, and notification procedures

Information Security

Protecting your data at every level.

Access Control

Role-based permissions, MFA for critical systems, and least-privilege access policies across all infrastructure.

System Security

Regular patching, malware protection, firewalls, and intrusion detection systems across all environments.

Monitoring & Response

24/7 monitoring, anomaly detection, and documented incident escalation procedures.

Independent penetration testing annually
Security-vetted cloud providers only
Multi-site redundancy and tested disaster recovery

Quality

Continuous improvement.

Our quality management practices are aligned with ISO 9001 principles. We measure, review, and improve every aspect of our service delivery — from onboarding and support to platform performance and compliance.

Documented processes

Documented onboarding, support, and escalation procedures ensuring consistency across every customer interaction.

Real-time reporting

Real-time reporting, KPIs, and dashboards that provide visibility into platform performance and service quality.

Customer feedback

Customer feedback loops and corrective action processes that drive meaningful service improvements.

Internal audits

Regular internal audits for compliance and efficiency, ensuring governance controls remain effective.

ESG

Responsible business practices.

Environmental

Cloud-first infrastructure, paperless operations, remote-first culture, and sustainable supplier selection to minimise our environmental footprint.

Social

Fair employment, equal opportunities, accessibility, and employee well-being programmes that support a healthy and inclusive workplace.

Governance

Transparent and ethical practices, documented policies, and supplier ESG vetting to ensure accountability throughout our operations.

Policy Management

Documented, tested & reviewed.

Governance policies reviewed annually (or sooner if regulations change)
Staff training at induction, refreshed annually
Incident response and escalation procedures documented and tested
Internal risk reviews ensure controls remain effective

Useful Links

Regulatory & industry bodies.

We work within the frameworks set by UK regulators and industry bodies. These organisations set the standards for data protection, responsible marketing, and fraud prevention that underpin our governance policies.

ICO

Information Commissioner's Office — the UK's independent authority for data protection and information rights.

visit

IAB UK

Internet Advertising Bureau — the industry body for digital advertising standards and best practice.

visit

DMA

Data & Marketing Association — setting standards for responsible data-driven marketing in the UK.

visit

Take Five

Take Five to Stop Fraud — a national campaign helping people and businesses protect themselves from fraud.

visit

Questions about our governance?

Our team is happy to discuss compliance, security, and data protection.

contact us

UK-based team. 01142 945 993. hello@faretext.co.uk

We value your privacy

We use cookies to enhance your browsing experience, analyse site traffic, and serve personalised content. You can choose which categories of cookies you allow below. cookies | privacy | terms | anti-spam