Trust Centre

At Pogust Goodhead, we secure and protect the information of more than one million clients worldwide with absolute transparency and 24/7 support.

For us, transparency is key. It is one of Pogust Goodhead’s core values and we are committed to ensuring this is true in all aspects of our business, including our privacy and security.

We are committed to maintaining and improving security information for our clients and staff to ensure regulatory and legal requirements are met.

We take accountability. We can effectively and efficiently manage and protect our clients’ personal data by ensuring we have a thorough understanding of the risks associated with sharing information online.

We continuously assess and manage our internal policies, our network security, and our security operations with our clients’ best interests in mind so they can rest assured that their data is being kept safe and secure.

In 2023, Pogust Goodhead passed the ISO 27001 certification, demonstrating that we have put in place best-practice information security processes for the firm. Our focus on cyber security continuously helps Pogust Goodhead’s rapid growth and enables us to securely help millions of people around the world get the access to justice they deserve.

Here are some of our most frequently asked questions surrounding data and privacy:

How does Pogust Goodhead ensure that data is secured?

Pogust Goodhead is committed to protecting the information that we hold from misuse, loss, or unauthorised access.

We do this by having a range of appropriate technical and organisational measures in place. These include encrypted systems to hold data securely in both electronic and physical form, appropriate confidentiality arrangements and information handling policies where appropriate with those who have access to the information we hold (for example our staff, contractors, service providers and co-counsel) and taking swift and effective steps to identify and contain any suspected information losses.

What information and security standards and certifications do we hold ourselves to?

We collect personal data through the website in two ways:

1. Personal data that we receive directly from you
2. Personal data that we collect automatically (see website users)

Personal data that we receive DIRECTLY FROM YOU:
• Where you contact us proactively, usually via an online form, by phone or email; and/or
• Where we contact you, whether by phone, email or any other form of communication.

WEBSITE USERS: When you visit our website, there is certain information that we may automatically collect, whether or not you decide to use our services. This includes your IP address, the date and the times and frequency with which you access the website and the way you browse its content. We will also collect data from you when you contact us via our website, for example, when you submit a query.
• We collect your data automatically via cookies, in line with cookie settings in your browser.

Is my data encrypted by Pogust Goodhead?

Yes, all data shared is encrypted both at rest and in transit to ensure you are kept safe at every step of the journey.

How does Pogust Goodhead support the implementation of password policies?

Pogust Goodhead uses a corporate password management tool to both generate secure passwords that adhere to our password policies. We also use multi-factor authentication wherever available.

What internal information security policies do Pogust Goodhead enforce?

We enforce a suite of Information Security policies consistent with the ISO 27001 framework, including but not limited to:

3rd Party IT Delivery and Monitoring Policy

Acceptable Use Policy

Building Access Security Procedure

Business Continuity Policy and Framework

Change & IT Governance Approach

Clear Desk Policy

Crisis Management Plan

Data Protection Policy

Identity and Access Management Policy

Incident Management Policy

Information Asset Process

Information Classification Policy

Information Security Policy

Information Security Risk Register

IT Anti-Virus Policy

IT Encryption Policy

IT System Data Retention

Network Access Controls and Services Procedure

Network Firewall Implementation Process

Record Keeping and Retention Policy and Process

Remote Working Guidance

Removable Media Guidelines

Pogust Goodhead is also ISO 27001 certified, meaning our firm is recognised for the best-practice information security processes we have in place.

With the rapid growth of the firm, we take exceptional pride in ensuring our security measures are of the highest quality, and our new ISO certification formally exhibits this.

If you would like any more information on any of the topics discussed on this page, please contact our specialist team on [email protected].