top of page
Business Meeting

Incident Report Policy

How Do We Report Breaches.

At Match My Venue, we are committed to protecting the data and systems that support our operations. This Incident Response Policy outlines the procedures we follow to detect, respond to, and recover from any data breaches or security incidents. We aim to respond swiftly and effectively to minimise potential risks and ensure compliance with relevant regulations, including the GDPR.

1. Incident Response Team

The responsibility for managing data breaches and security incidents rests with our Data Protection Officer (DPO):

  • Adam Quigley, Founder & CEO
    Email: adam@theeventsconsultant.com
    Phone: 020 4591 3554

2. Detection and Monitoring
  • Microsoft oversees our systems and provides antivirus protection. Regular scans are conducted, and alerts are issued if any suspicious activity or potential breaches are detected.

  • Upon receiving an alert, the affected system or computer must be isolated and not used until Microsoft has investigated and resolved the issue.

3. Internal Reporting
  • Any staff member who detects or suspects a potential breach or security incident must immediately report it to the DPO.

  • Microsoft will be responsible for investigating the alert and providing a comprehensive assessment.

4. Containment and Assessment
  • If an incident is confirmed, immediate steps are taken to contain the breach, which may include isolating affected systems or suspending access to compromised accounts.

  • Microsoft conducts an assessment to determine the scope and impact of the incident, including the type of data involved and the number of individuals affected.

5. Notification of Affected Parties
  • If data has been breached, Match My Venue will notify any affected clients within 72 working hours of becoming aware of the breach, as required by the GDPR.

  • Clients will be informed of the nature of the breach, the data involved, the potential impact, and the steps being taken to mitigate risks.

6. Recovery Procedures
  • Following containment, all affected systems will be restored from secure backups stored in the Microsoft Cloud and HubSpot systems, as applicable.

  • Microsoft will work to resolve the issue and implement any additional protections to prevent recurrence.

7. Post-Incident Review
  • After the incident has been resolved, Microsoft will review the event and recommend any additional security measures or procedures to improve system resilience.

  • The incident and the response will be documented, and any lessons learned will be used to refine our incident response approach.

8. Ongoing Monitoring
  • While no formal testing of the incident response plan is currently in place, all systems are regularly scanned and monitored for suspicious activity to ensure ongoing protection.

9. Contact Us

If you have any questions about our Incident Response Policy or wish to report a security concern, please contact:

Match My Venue
Events Networking Limited
32 Hayes Square, Exeter, EX5 7AT
Phone: 020 4591 3554
Email: adam@theeventsconsultant.com

bottom of page