Accreditations & GDPR

Data protection, information security and a quality product and service are of paramount importance to Legend and our clients. This means a trusted, secure, highly available, fully managed hosting service and industry leading customer care: Legend’s “It just works” philosophy in action.

Legend is ISO 27001 2013 accredited. ISO 27001 is an internationally recognised Information Security Management standard which ensures an organisation has stringent processes and standards in place to reduce risks and manage information security. Certification demonstrates that the whole organisation and solution follows international information security best practice, which is a process continuously audited by an external, independent and accredited body. We select only the highest specification Tier III hosted data centres that are also ISO 27001 2013 certified and PCI DSS compliant.

Gaining this accreditation is a mark of Legend’s commitment to lead the sector with information security best practice. In being ISO 27001 accredited, and only using ISO 27001 certified data centres, our customers can rest assured that their data is professionally managed and secure. Legend has also been awarded an ISO 9001 2015 Quality Management accreditation. This means that all our people, processes and systems are independently audited by professionals to ensure that we comply with the highest industry quality standards throughout our entire business.

Our accreditations are independent validation that with Legend you get information security peace of mind.

Click here for our ISO 27001 Certificate

Download

Information Security Video

Click here for our ISO 9001 Certificate

Download

Dont take our word for it, see below what our clients think of our security....

"We know our data is in safe hands."

"ISO 9001 accredited Legend has a great robust system and good processes in place to support us."

"Legend gives us peace of mind"

GDPR

Incidents, such as the WannaCry Ransomware attack, and the Pay as U Gym incident have placed an increased industry focus on Information Security. Expert advice indicates that this trend is not going to improve. In addition to this threat, all operators are about to be required to address a number of changes associated with compliance with the new General Data Protection Regulations (GDPR), due to come into force in May 2018. Legend has sought to help customers get ready for the fast approaching GDPR changes through a variety of different programmes which will enable them to better prepare for their GDPR responsibilities.

Documentation Provided for GDPR

Legend GDPR FAQ's
Legend GDPR Toolkit
Legend GDPR Information Document
Legend Personal Data Summary
Legend Register of Processing Activities (ROPA)
Legend Privacy Impact Assessment
Legend Redaction Process
Clear Desk Audit Template
Device Audit Template

Documentation has been sent to key contacts and is available on the Legend Releases Portal.

Information Security/GDPR Briefing Events

Legend have hosted free of charge Information Security/GDPR Briefing Events in London, Manchester, Ireland and Scotland. Events were provided as a service to Legend customers with an interest and a responsibility for Information Security. Slides are available on request.

The events aimed to give guidance as to how leisure industry operators can ensure that they meet the new GDPR requirements and also take sensible measures to protect their business from potential cyber attacks.

Paul Simpson, Legend's Chief Operating Officer and Manager of the ISO 27001 Certified Legend Information Security Management System (ISMS) oversees GDPR for Legend.

Topics Covered

GDPR an Overview
GDPR what are the Threats
Information Security a Culture Change
GDPR Documentation
GDPR an Action Plan

Hayley Richards - Gymbox

"I have now been on 3 talks/events on GDPR and this was by far the most engaging, informative, clear and helpful to us. We will definitely be using the slides/advice provided in our preparation for May 25, 2018. Good luck for the remaining events and thanks again for yesterday."

London July 13, 2017

GLL

"I have been to several GDPR/ Information Security events and this one was by far the most relevant and comprehensive - indeed the best I have attended."

London July 13, 2017

Jon Layton - Halo Leisure

“It was great to see such an unwieldy topic approached from a pragmatic viewpoint with lots of good advice about what we need to be thinking about.”

Manchester July 20, 2017

Susan Mc Entegart - Corner Shop Gym

"I was delighted to be a guest of Legend Club Management Systems for their GDPR/Information Security Briefing in Athlone Regional Sports Centre today. I learnt lots of great info about the impending regulations and how to prepare your business in advance."

Ireland July 26, 2017

Brian Hogan -Coral Leisure

"Thanks for the event in Athlone last week, I found it extremely useful and the quality and expertise of your presenter really helped get the important messages across and also made the day pass much more quickly than anticipated- it was definitely a very worthwhile experience."

Ireland July 26, 2017

Ian Dyer – Inverclyde Leisure

“We were happy to host the Legend GDPR Scotland Briefing. The presentation of what is a complex subject was delivered in a highly professional but relaxed manner. I believe that the delegates who attended the event all left with an improved understanding of the major impact this new legislation will have on us all next May.”

Scotland August 23, 2017

Consultancy Services

Paul Simpson is available for consultancy advice on GDPR and related issues please contact to discuss your individual requirements. All advice is tailored to customer needs.

Click here to contact Paul