U Account is a leading Fintech solutions provider, launched in 2016 to provide an alternative to traditional banking for those that have been underserved by high-street banks. Based in Sheffield, South Yorkshire, they provide current accounts and other banking services that enable customers to avoid unfair fees and actively improve their financial health with an array of innovative built-in features and functionalities.
The business handles the personal data, including names, date of birth, address, account numbers and much more, of more than 50,000 customers, as well as the data of its employees. With the enforcement of GDPR set to be introduced in May 2018, the company wanted to ensure that it could confidently demonstrate its commitment to data protection and privacy by using SureCloud’s GDPR software and solutions..
Kieran O’Shea, Head of Compliance and Data Protection Officer at U Account, explained: “Data is our number one commodity, without which our business couldn’t survive. Our customers trust us to robustly secure not just their money but also their data; making trust core to our brand proposition.”
“To this end, we have developed robust controls to secure our data. However, as a fast-growing company, with constantly evolving processes which needed documenting in a central location within the business, we recognized that we needed to be able to demonstrate that our processes across the business were compliant.
“I was also very keen to ensure that we developed effective and efficient processes for managing incidents and subject access requests, so we wanted a solution that could both benchmark our existing processes and support the development of new ones, which will allow us to demonstrate our ongoing commitment to GDPR compliance.”
To address this challenge U Account wanted a solution that could link and cross-reference processing activities across all business processes. In addition, they were looking for a GDPR compliance solution that could support both their benchmarking and ongoing compliance requirements from a single access point.
“As a business that is cloud-native it was important to us that any solution not only met our compliance requirements but was also cloud-based, without the need for thousands of spreadsheets,” explained Kieran. “We reviewed a number of solutions, including open source, custom made and off the shelf solutions, ultimately selecting SureCloud as they not only met all our requirements but enabled us to have a mature, well-established off the shelf solution with room for custom configuration.”