NODE · LON-01|LONDON --:--:--
DC-Services — Digital Claims Services Limited
Legal Documentation

Cybersecurity Policy

Cybersecurity policy describing technical and organisational controls applied to defend the Digital Claims Services Limited estate against cyber threats.

Last reviewed: February 2026 · 24 sections

cybersecurity-policy.pdf · A4 · brandedAll documents
01

Acceptance of Terms

  1. 1.1By accessing the Digital Claims Services Limited website ("Site") or engaging with any element of our Cybersecurity Policy, you agree to be bound by the provisions set out in this document. If you do not agree, you must cease use of the Site immediately.
  2. 1.2This document constitutes a legally binding statement between you ("User", "Client", "you") and Digital Claims Services Limited ("Digital Claims", "we", "us", "our"), a company registered in England & Wales under number 08948101.
  3. 1.3We reserve the right to amend the Cybersecurity Policy at any time. Continued use of the Site following any changes constitutes acceptance of the revised version. Material changes will be notified via email or by prominent Site notice.
  4. 1.4You are responsible for reviewing this document periodically. The "Last updated" date indicates when the Cybersecurity Policy was last revised by our Compliance Office.
02

Definitions

  1. 2.1"Services" refers to the financial documentation organisation, mapping, structuring, and clarity services provided by Digital Claims Services Limited, including all administrative and informational outputs.
  2. 2.2"Content" refers to all text, data, images, graphics, templates, methodologies and other materials displayed on the Site or delivered under the Cybersecurity Policy.
  3. 2.3"Client Materials" refers to documents, records, statements, correspondence and information you provide to us for the purpose of delivering our Services.
  4. 2.4"Deliverables" refers to the structured reports, summaries, indices, matrices, visualisations and documentation produced by Digital Claims as a result of our Services.
03

Force Majeure

  1. 3.1Neither party shall be liable for failure or delay in performing obligations under the Cybersecurity Policy if such failure results from circumstances beyond reasonable control ("Force Majeure Event").
  2. 3.2Force Majeure Events include natural disasters, pandemics, war, armed conflict, terrorism, civil unrest, government actions, sanctions, power failures, internet disruptions and cyberattacks.
  3. 3.3The affected party shall notify the other party promptly of the Force Majeure Event, its expected duration and the obligations affected, and shall use reasonable endeavours to mitigate its effects.
  4. 3.4If a Force Majeure Event continues for more than ninety (90) consecutive days, either party may terminate the Cybersecurity Policy by giving fourteen (14) days' written notice.
04

Third-Party Links and Resources

  1. 4.1The Site may contain links to third-party websites, services or resources that are not owned, operated or controlled by Digital Claims Services Limited. Such links are provided for informational convenience only.
  2. 4.2We have no control over, and assume no responsibility for, the content, privacy policies, practices, accuracy or opinions expressed on any third-party websites linked from our Site.
  3. 4.3The inclusion of a link does not imply endorsement, sponsorship or recommendation by Digital Claims of the linked website, its operators or any products or services offered therein.
  4. 4.4You access third-party websites at your own risk and subject to their terms and conditions. We recommend reviewing third-party privacy policies before providing any personal information.
05

Prohibited Uses

  1. 5.1You may not use the Site or Services for any purpose that is unlawful or prohibited by the Cybersecurity Policy, including attempting to gain unauthorised access to our systems, networks or databases.
  2. 5.2You may not use automated scripts, bots, crawlers, scrapers or similar tools to access, index, scrape or interact with the Site without our prior written consent.
  3. 5.3You may not transmit any viruses, malware, worms, trojans or other harmful code through the Site, our communication channels or any document submission mechanism.
  4. 5.4You may not impersonate any person or entity, or falsely state or misrepresent your affiliation, or use another person's identity to access our Services.
06

Dispute Resolution

  1. 6.1In the event of any dispute arising from or relating to the Cybersecurity Policy, the parties agree to first attempt to resolve the matter through informal negotiation in good faith for not less than thirty (30) days.
  2. 6.2If the dispute cannot be resolved through negotiation within 30 days, either party may refer the matter to mediation under the rules of the Centre for Effective Dispute Resolution (CEDR). Costs of mediation shall be shared equally.
  3. 6.3If mediation fails to resolve the dispute within sixty (60) days of referral, either party may pursue legal proceedings in the courts of England & Wales, subject to the governing law provisions below.
  4. 6.4Nothing in this clause prevents either party from seeking urgent injunctive or equitable relief from any court of competent jurisdiction to prevent irreparable harm pending resolution of the dispute.
07

Complaints Procedure

  1. 7.1If you are dissatisfied with any aspect of our Services, please contact us at support@dc-service.uk with full details of your complaint, including your service reference number and supporting documentation.
  2. 7.2We will acknowledge your complaint within five (5) working days and assign a dedicated Case Manager. We aim to provide a full written response within twenty (20) working days of acknowledgement.
  3. 7.3If you remain dissatisfied after our internal complaints process, you may file a formal appeal within fourteen (14) calendar days of receiving our decision. Appeals are reviewed by a Senior Review Officer independent of the original case.
  4. 7.4If the appeal outcome remains unsatisfactory, you may escalate to the relevant UK dispute resolution body or pursue external mediation/arbitration within six (6) months of the final appeal decision.
08

Governing Law and Jurisdiction

  1. 8.1The Cybersecurity Policy shall be governed by and construed in accordance with the laws of England & Wales and the United Kingdom, without regard to conflict of law principles.
  2. 8.2The courts of England & Wales shall have exclusive jurisdiction over any dispute arising from or relating to the Cybersecurity Policy, subject to the dispute resolution provisions set out above.
  3. 8.3If any provision of the Cybersecurity Policy is found to be invalid, illegal or unenforceable, the remaining provisions shall continue in full force and effect, and the invalid provision shall be modified to the minimum extent necessary.
  4. 8.4The failure of Digital Claims to enforce any right or provision at any time shall not constitute a waiver of such right or provision and shall not affect the right to enforce such provision at a later time.
09

Entire Agreement

  1. 9.1The Cybersecurity Policy, together with our Privacy Policy, Cookie Policy, GDPR Compliance Policy and any individual service agreement, constitutes the entire agreement between you and Digital Claims regarding the use of our Site and Services.
  2. 9.2No oral or written representation, warranty, promise or statement not contained in the Cybersecurity Policy shall form part of the agreement between us, unless expressly agreed in writing by an authorised representative.
  3. 9.3In the event of a conflict between the Cybersecurity Policy and any individual service agreement, the service agreement shall prevail to the extent of the inconsistency, unless the Cybersecurity Policy expressly states otherwise.
  4. 9.4Any waiver of any provision must be in writing and signed by an authorised representative of Digital Claims. A waiver of one breach does not constitute a waiver of any subsequent breach.
10

Assignment and Transfer

  1. 10.1You may not assign, transfer, sub-contract or delegate any of your rights or obligations under the Cybersecurity Policy without our prior written consent. Any attempted assignment without consent shall be void.
  2. 10.2We may assign or transfer our rights and obligations under the Cybersecurity Policy to any successor entity, affiliate or as part of a merger, acquisition, corporate reorganisation or sale of all or substantially all assets.
  3. 10.3Any purported assignment or transfer in violation of this clause shall be null and void and shall not relieve the assigning party of any obligations under the Cybersecurity Policy.
  4. 10.4The Cybersecurity Policy shall be binding upon and inure to the benefit of the parties and their respective heirs, executors, administrators, successors and permitted assigns.
11

Electronic Communications

  1. 11.1By using our Site and Services you consent to receive communications from us electronically, including emails, notifications, secure messages and notices posted on our Site or client portal.
  2. 11.2You agree that all agreements, notices, disclosures and other communications provided electronically satisfy any legal requirement that such communications be in writing under applicable law.
  3. 11.3We may communicate service updates, policy changes, security alerts and important notices via email to the address you provide. You are responsible for ensuring your contact details are current.
  4. 11.4Electronic communications are not entirely secure and may be intercepted by third parties. Sensitive information should be shared through our secure document upload system.
12

Accessibility and Equal Access

  1. 12.1We are committed to making our Site and Services accessible to all users, including those with disabilities, in compliance with the Equality Act 2010, the European Accessibility Act and WCAG 2.1 Level AA standards.
  2. 12.2If you require information in an alternative format (large print, audio, Braille) or need reasonable adjustments to access our Services, please contact us at office@dc-service.uk.
  3. 12.3We regularly review our digital accessibility standards and implement improvements to ensure compliance with evolving best practices and legal requirements across all jurisdictions in which we operate.
  4. 12.4Feedback on accessibility issues is welcomed and will be addressed as a priority within our development cycle. We aim to resolve accessibility complaints within ten (10) working days of receipt.
13

Contact Information

  1. 13.1For questions about the Cybersecurity Policy, please contact us at info@dc-service.uk. We aim to respond to all enquiries within two (2) working days.
  2. 13.2Our registered office is: Digital Claims Services Limited, Nightingale House, East Reach, Taunton, Somerset, United Kingdom, TA1 3EN. Our Company Registration Number is 08948101, registered with the Registrar of Companies for England & Wales.
  3. 13.3For data protection enquiries, subject access requests or data deletion requests, contact our Data Protection Officer at legal@dc-service.uk.
  4. 13.4For complaints, please write to support@dc-service.uk or by post to our registered address, marked for the attention of the Complaints Manager. All correspondence should include your service reference number.
14

Regulatory Compliance Notices

  1. 14.1Digital Claims Services Limited (Company No. 08948101) is registered in England & Wales. We operate as a non-advisory, non-transactional service provider and our activities fall outside the perimeter of FCA-regulated activities.
  2. 14.2We comply with all applicable anti-money laundering (AML) and counter-terrorism financing (CTF) regulations, including the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (as amended).
  3. 14.3We adhere to the requirements of the UK Bribery Act 2010 and maintain a zero-tolerance policy towards bribery and corruption in all our business dealings and relationships.
  4. 14.4Our services are subject to periodic internal and external audit reviews to ensure compliance with applicable regulatory standards, data protection requirements and professional conduct obligations.
15

Amendments and Modifications

  1. 15.1We reserve the right to modify, amend or replace any part of the Cybersecurity Policy at any time. Changes will be effective upon posting to the Site, unless a later effective date is specified in the notice of change.
  2. 15.2Material changes will be communicated to registered clients via email at least fourteen (14) calendar days before taking effect. Continued use of the Site or Services after the effective date constitutes acceptance.
  3. 15.3We encourage you to bookmark this page and review the Cybersecurity Policy regularly. A change log summarising material amendments will be maintained at the bottom of this page for a period of twelve (12) months.
  4. 15.4If you do not agree with any proposed modification, you must cease using the Site and Services before the effective date and notify us in writing. Existing service agreements will be honoured according to their original terms until completion.
16

Security Measures

  1. 16.1All client information is encrypted in transit using TLS 1.3 and at rest using AES-256. Cryptographic keys are managed via a dedicated key-management service with periodic rotation and segregated administrative access.
  2. 16.2Access to client files is governed by a strict role-based access control (RBAC) model with mandatory multi-factor authentication. Privileged operations require secondary approval and are logged in an immutable audit trail.
  3. 16.3Documentation is stored within UK and EEA data centres operated by ISO 27001 certified providers. We never replicate client data outside approved jurisdictions, and we never use client documents to train automated systems.
  4. 16.4We conduct regular penetration testing, vulnerability scanning and independent security reviews. Findings are remediated under documented timelines tied to severity.
17

Record Retention

  1. 17.1Engagement records are retained for a minimum of seven (7) years following completion of the relevant Services, in line with statutory record-keeping obligations applicable to the United Kingdom.
  2. 17.2Retention periods are scoped to the documented purpose of each engagement. Upon completion, files are either returned, securely destroyed or archived under written client instruction.
  3. 17.3Backup copies are encrypted, geographically restricted to approved jurisdictions and purged according to documented schedules. We maintain a Record of Processing Activities under Article 30 UK GDPR.
  4. 17.4Clients may request a copy of retention records relating to their engagement at any time by contacting our Data Protection Officer.
18

Audit and Oversight

  1. 18.1Our internal Compliance Office conducts periodic reviews of all operational, data-protection and client-facing processes. Findings are reported to senior management and remediation is tracked to closure.
  2. 18.2Independent external auditors are engaged at least annually to review our internal controls, information-security posture and adherence to the Cybersecurity Policy.
  3. 18.3Audit logs covering data access, document handling and material configuration changes are retained for the duration of the regulatory retention period and made available to competent authorities on lawful request.
  4. 18.4Clients may request a high-level summary of the most recent independent audit. Detailed audit reports remain confidential to Digital Claims and its appointed reviewers.
19

Cookies and Tracking

  1. 19.1Our Site uses only strictly necessary cookies required for core site functionality, secure session management and load balancing. We do not use advertising or third-party tracking cookies.
  2. 19.2Where any optional analytics cookie is deployed, it is enabled only after explicit consent through our consent banner, and you may withdraw consent at any time via the cookie-preferences panel.
  3. 19.3You may disable cookies in your browser settings; however, some areas of the Site may not function as intended without strictly necessary cookies enabled.
  4. 19.4Our full cookie inventory, with category, provider, purpose and retention period, is published in our Cookie Policy and updated whenever cookies are added or removed.
20

Final Provisions

  1. 20.1The headings and clause numbers in the Cybersecurity Policy are for convenience of reference only and shall not affect their interpretation or construction.
  2. 20.2Unless the context otherwise requires, words in the singular shall include the plural and vice versa, and references to one gender shall include all genders.
  3. 20.3A person who is not a party to the Cybersecurity Policy shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any provision of the Cybersecurity Policy.
  4. 20.4The Cybersecurity Policy was last reviewed in February 2026 and is published at www.DC-Service.uk. The next scheduled review is February 2027.
21

Nature of Services

  1. 21.1Digital Claims provides financial information organisation and documentation clarity services. We do not provide financial advice, investment recommendations, tax guidance, or asset management of any kind.
  2. 21.2Our Services are strictly administrative and informational in nature. We organise, structure and present existing financial information in clear, readable formats without altering content or ownership.
  3. 21.3Digital Claims does not hold client funds, execute transactions, manage portfolios, or act as an intermediary between you and any financial institution, regulator or third party.
  4. 21.4Nothing in the Cybersecurity Policy or our Services shall be construed as financial, legal, tax or investment advice. You should seek independent professional advice before making any financial decisions.
22

Eligibility

  1. 22.1You must be at least 18 years of age and have legal capacity to enter into binding agreements to use our Services. Corporate entities must be duly incorporated and in good standing.
  2. 22.2By using our Services you represent and warrant that you meet all eligibility requirements stated herein and that the information you provide is accurate and complete.
  3. 22.3We reserve the right to refuse service to any person or entity at our sole discretion, including where we are unable to complete satisfactory identity verification.
  4. 22.4Our Services are currently available to residents of the United Kingdom and European Union. Availability in other jurisdictions may be limited and subject to additional terms.
23

User Obligations

  1. 23.1You agree to provide accurate, current and complete information when engaging our Services and to update such information promptly if it changes.
  2. 23.2You are responsible for maintaining the confidentiality of any account credentials, login details or access codes provided to you and must notify us immediately of any unauthorised access.
  3. 23.3You agree not to use the Site or Services for any unlawful purpose, including fraud, money laundering, terrorist financing, tax evasion or any activity that violates applicable sanctions regimes.
  4. 23.4You acknowledge that you are solely responsible for all decisions made on the basis of our Deliverables. Digital Claims bears no responsibility for actions you take or fail to take following receipt of structured documentation outputs.
24

Fees and Payment

  1. 24.1Our fees are fixed and disclosed in writing before any engagement begins. No work will commence until you have agreed to the applicable fees in writing via the service agreement or engagement letter.
  2. 24.2Payment terms, methods and schedules will be set out in your individual service agreement. We accept payment by bank transfer, credit card and other methods specified at the time of engagement.
  3. 24.3All fees are quoted in British Pounds Sterling (GBP) unless otherwise stated. Fees are exclusive of VAT where applicable. VAT will be applied at the prevailing rate and itemised separately on invoices.
  4. 24.4Late payments may incur interest at the rate of 2% per annum above the Bank of England base rate, calculated daily from the due date until payment is received in full, plus reasonable recovery costs.