top of page

Trust Centre - Channel Chaser

Trading Name: Channel Chaser (operated by Cairncom Communications Ltd)
Registered Address: Clyde Offices, 2nd Floor, 48 West George Street, Glasgow, G2 1BP, United Kingdom
Contactpolicy@cairncoms.co.uk

1. Overview

The Channel Chaser Trust Centre brings together everything you need to know about how we handle security, privacy, and compliance. It is designed for customers, partners, and procurement or security teams who need confidence that Channel Chaser is a safe and reliable platform for channel and reseller workflows.

2. Our Security & Privacy Principles

  • Security by design – security and privacy considerations are built into our product lifecycle.

  • Least privilege – access is granted only to the extent necessary for a role.

  • Transparency – clear documentation of our controls, vendors, and responsibilities.

  • Compliance aligned – aligned with UK/EU GDPR and CCPA/CPRA requirements.

  • Resilience – backups, monitoring, and recovery plans are built into our operations.

3. Data Protection & Privacy

Channel Chaser is built for B2B use and typically processes business contact data (e.g. reseller contacts, CRM records). We do not intentionally process special category data or children’s data.

Under data protection law:

  • We act as a Data Processor for customer CRM, reseller, and workflow data.

  • We act as a Data Controller for our own platform analytics and operational data.

Further detail is available in our:

4. Data Hosting & Sub-Processors

Channel Chaser uses a small number of carefully selected providers:

  • Wix – secure hosting and infrastructure for the Channel Chaser application.

  • Microsoft Office 365 – email (Outlook), document handling (OneDrive/SharePoint), and internal collaboration.

  • CRM Platforms (e.g. HubSpot, Zoho) – only when you choose to connect them.

All Sub-Processors are bound by appropriate data protection terms and are assessed during onboarding and periodically. A full Sub-Processor Register is available in our compliance pack.

5. Technical Security Controls

We implement layered security controls, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256 or equivalent)

  • Multi-Factor Authentication (MFA) on privileged accounts

  • Role-Based Access Control (RBAC) and least-privilege access policies

  • Secure development lifecycle informed by OWASP best practices

  • Logging and monitoring of key systems and admin activity

  • Regular vulnerability management and dependency scanning

For more detail, refer to our Technical & Organisational Measures (TOMs).

6. Backups, Availability & Business Continuity

We design for resilience and continuity:

  • Daily encrypted backups of key data

  • Backup retention up to 90 days

  • Documented Business Continuity & Disaster Recovery (BCDR) Plan

  • Target Recovery Point Objective (RPO): 24 hours

  • Target Recovery Time Objective (RTO): 24 hours

7. Incident Response

We maintain a formal Incident Response Plan covering detection, containment, investigation, remediation, and post-incident review.

If we identify a personal data breach affecting customer data, we will notify affected customers without undue delay, share relevant details, and support them in meeting any regulatory obligations they may have.

8. Compliance Documentation

For customers and partners requiring deeper review (e.g. during procurement or security due diligence), we provide a comprehensive compliance pack including:

  • Data Handling Policy

  • Privacy Policy

  • Data Processing Agreement (DPA)

  • Cookie Policy

  • GDPR & CCPA/CPRA Compliance Summary

  • Technical & Organisational Measures (TOMs)

  • Sub-Processor Register

  • Risk Register

  • Incident Response Plan

  • Business Continuity & DR Plan

9. Your Responsibilities as Customer

In most cases, you are the Data Controller for the personal data you manage via Channel Chaser. This means you are responsible for:

  • Ensuring you have a lawful basis for processing personal data in your CRM and within Channel Chaser.

  • Providing appropriate privacy notices to your contacts and resellers.

  • Not uploading special category or children’s data into Channel Chaser.

  • Managing access and permissions for your own users.

10. Contact & Security Enquiries

For any security, privacy, or compliance questions — or if you’d like to request our compliance pack — please contact:

Data Protection & Security Contact
Cairncom Communications Ltd
Emailpolicy@cairncoms.co.uk

bottom of page