on Facebook

01909 561835

General Data Protection Regulations - Our Commitment

The new General Data Protection Regulations come into force on 25th May 2018 from this date Chandlers archives will have additional responsibilities on our customer’s data that we hold and process

Protecting our customer’s data is our top priority within Chandlers archives.

The data we hold both in hard copy or electronically, will only be shared with the customer that gave us that data.

Chandlers Archives hereby undertakes not to copy, release, divulge or communicate, either in writing, orally, electronically or by any other means, to any third party, either directly or indirectly, any information not already in the public domain relating to any of our customers.

Our Privacy Policy

As a commitment towards the privacy of our customers and website visitors we have put in place, for all to see, our privacy policy. The details included are also in line with the General Data Protection Regulation (GDPR) European Law 25 May 2018.

General Aspects

All data that we receive and store from our customers or visitors to our website (hereby referred to as ‘you’) is done so for the sole purpose of helping you with the specific enquiry you made. Under no circumstances will we pass on this data to a third party.

If you require any further clarification, please use our phone number provided to call for assistance.

Your personal data security

Any data you pass onto us which is personal to you and can directly identify you, such as your name, email address, phone number etc, will be dealt with as securely as possible. This includes the points below;

  • Whenever we ask for the data from you we will ask for consent, via our website this is through a positive opt-in checkbox that has clear details for you to follow
  • When you are sending information through our web forms the data will be encrypted via our SSL certificate, which you can see in action through the https:// in our website url
  • Our email accounts also use SSL so any email we receive is also secure on our part. To ensure full security you should also make sure that you are sending from your computer securely
  • Your personal data is encrypted within our database so it is not human readable and ensures safe storage

Your right to be forgotten

We have in place IT systems that allow us to quickly identify and remove any data held about you, should you wish to be forgotten by us. This is inline with the GDPR ‘right to be forgotten’ and we will comply within the EU specified 1 month period.

Website security

We take website security very seriously and have taken a great deal of precaution to

make sure that our website is safe from attack or misuse. A brief background on website security and also what specific steps we have taken to secure our website.

Server security

The actual server that the website is located on needs to be secure so that unauthorised persons cannot access it. Our website is with a large specialist web hosting company who have been in the industry for over 12 years, winning many an award.

The benefit of using a specialist web hosting company over setting our own server up is that they are constantly looking for security issues that may arise and fixing them instantly if they do.

Our server login password is also a mixture of uppercase and lowercase letters,

numbers and symbols for maximum security. Weak passwords are a huge security concern and should be avoided at all costs.

Database password storage

 All passwords stored in our database use an encryption so that anyone looking at the database will just see a random 40 character string. This has the benefit that should a backup of the database fall into the wrong hands they would still not be able to use the username and passwords to gain access to the system.

This encryption also ensures the staff that does have access to the database, cannot see what the actual password of each user is. This also rules out any possibility of registered users having their password used to gain access to other systems they may have used the same password for.


Secure Sockets Layer (SSL) certificate

One of the most important parts of the website security of our system is the SSL certificate. What this does is encrypts any data that is transmitted when using our website. This ensures that when people login to our system no data can be seen by a third party. It also allows for secure messages to be passed on from users of the website to our admin team without the fear of the message being read by any unintended person.

The SSL certificate should always be looked for when using our website so that you can tell that the website is secured. This helps the user rule out entering data into the wrong website.

This is a security issue called phishing which has been used in the past to get peoples bank details off of them. This method is when someone sets up a

similar looking website and tricks the user into using this website thinking it is the original system. However, the SSL certificate will only show for the genuine web site so allowing the user to check for this certificate ensures that they have not been tricked into putting any confidential information into the wrong website.

The SSL certificate we use has a 99.9% Browser Recognition Rate which means it will be available for all modern internet browsers. The more technical details of the certificate are that it is 256 Bit Strong SSL Encryption.


Other steps we take to make sure our website is secure

  • Spyware and antivirus protection is on all computers that connect to the website via ftp. This is the method of gaining access to the actual files of the website which would be a huge problem if someone gained unauthorised access.
  • Strong passwords are always used for critical login areas
  • Regular checks are made to make sure only the correct amount of admin accounts are on the system. Creating admin accounts for themselves is a common task a hacker usually performs.
  • Software on the server is regular updated
  • All form entries into the websites are checked by the system upon submission to make sure that malicious code has not been attempted to pass through it
  • Descriptive error messages are turned off on the website. This makes sure no useful information is given away to potential hackers
  • Any file uploads within the login area of our website only allows certain files to be uploaded. This removes the ability for a would be hacker to upload malicious files to the server.


Chandlers Archives Limited is a registered company in England and Wales

Company Number: 4980074
Address: Cannon House, Rutland Road, Sheffield, S3 8DP
VAT Registered Number: 848/1808/01