08. Security The main bulk of our data is held in the cloud using Office 365 and SharePoint (https://privacy.microsoft.com/en-gb/privacystatement). It is protected by Multi-Factor Authentication (MFA), a firewall and stringent passwords. We (and our service providers) use appropriate technical, organisational measures and precautions to protect your personal data and to prevent the loss, misuse, or alteration of your personal data. Only employees that need access to a portion of data will be granted it, i.e. only caseworkers will have access to guest data and only fundraisers/administrators will have access to donor data. Back-ups of our online server’s data is held by our outsourced IT company (Totality Services - www.totalityservices.co.uk), who securely holds a copy in the case of a error to our online server. The hosting facilities for our website are situated in Ireland and Amsterdam. Transfers to each of these countries will be protected by appropriate safeguards, namely adherence to the GDPR. All electronic financial transactions entered through our website will be protected by encryption technology. You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. However, once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. You are responsible for keeping the password you use for accessing our website confidential; we will not ask you for your password (except when you log in to our website).