UK Data Security Policy

Overview of the Arken service

Arken is a cloud service provided by Arken.legal (UK) Limitied in England & Wales. Businesses can register to use Arken and are required to complete a business profile, purchase subscriptions and pay relevant fees. Once subscribed, the business can use the service to draft and download completed documents.

Arken provides intelligent questionnaires for the user to input information, make selections, and choose option relevant to their client’s circumstances. There is a live interaction between the front end and the server to present to the user relevant questions based on previously entered information, selections made, and options chosen. Simultaneously, the service dynamically drafts the document and presents to the user on-screen in real time.

Data Security

Overview

Arken is committed to maintaining the highest operational standards in systems and processes to protect personal data in accordance with good industry practice. Arken takes a “defence in-depth” approach to protecting its systems and user’s data. Multiple layers of security controls protect access to data, including physical and network security, firewalls and intrusion protection systems.

Arken engages industry leading suppliers to leverage their expertise, experience, global threat and intelligence to protect its systems.

You control access

As a user of Arken you have flexibility and control over access to the service by your authorised internal users. On registration, a Primary User, is created with full access to all aspects of Arken. The Primary User can purchase additional subscriptions and allocate against nominated users. Please see our Privacy Policy for further information.

User authentication

User access to Arken is through a log-in and password. Users are responsible for maintaining the security of their own log-in information.

Data Encryption

Arken uses the latest industry standard SSL and TLS 1.3 (Transport Security Layer) with HSTS (HTTP Strict Transport Security) for enhance security and all data is encrypted in transit.

Facilities

Arken uses enterprise-grade hosting facilities that are PCI and ISO accredited and employs robust physical security controls to prevent physical access to the service and redundant power, air-condiitoning and communications. Controls include 24/7/365 monitoring and surveillance, on-site security staff and regular on-going security audits.

User data is held in accordance with Arken’s Privacy Policy. User’s client’s data is held only in the United Kingdom with redundancy and back-up strategies in place to minimise risk of data loss or outages.

People and Access

Arken maintains administration accounts on the service restricted to application health monitoring and performing system or application maintenance.

Only authorised Arken personnel have access to data which is strictly limited to essential personnel only and only from Arken equipment.

Monitoring

Arken continuously monitors event logs, notifications, and alerts from all systems to identify and manage threats.