Information Security Statement

Effective Date: June 2026

1. Our Commitment

Rumos Advisory Ltd is committed to protecting the confidentiality, integrity and availability of information entrusted to us by clients, partners and stakeholders.

Information security is a fundamental part of how we operate and supports our commitment to professional, responsible and trusted advisory services.

2. Security Principles

Our approach to information security is based on the following principles:

Confidentiality

Information is only accessible to authorised individuals who require access for legitimate business purposes.

Integrity

Information is protected from unauthorised modification, corruption or loss.

Availability

Appropriate measures are implemented to ensure information and systems remain available when required.

3. Information Handling

Rumos Advisory takes reasonable and proportionate steps to safeguard information throughout its lifecycle.

This includes:

  • Secure storage of information

  • Controlled access to business systems

  • Protection of client and commercially sensitive information

  • Secure disposal of information when no longer required

  • Regular review of information management practices

4. Access Control

Access to information is restricted based on business need.

We seek to ensure that:

  • Access rights are granted only where necessary

  • User access is reviewed periodically

  • Strong authentication measures are used where available

  • Unauthorised access is prevented wherever reasonably practicable

5. Technology and Security Measures

Rumos Advisory utilises a range of technical and organisational measures designed to support information security, including:

  • Secure cloud-based services

  • Password and authentication controls

  • Device security measures

  • Encrypted communications where appropriate

  • Software updates and security maintenance

  • Access management controls

Security measures are reviewed periodically and adapted as appropriate.

6. Third-Party Service Providers

We may utilise carefully selected third-party providers to support business operations, including:

  • Website hosting

  • Business productivity platforms

  • Scheduling and communication tools

  • Cloud storage and collaboration services

Where appropriate, we seek to ensure that service providers maintain suitable security standards and data protection practices.

7. Data Protection

Rumos Advisory is committed to processing personal data responsibly and in accordance with applicable data protection requirements.

Further information regarding the processing of personal information can be found in our Privacy Policy.

8. Incident Management

In the event of a security incident, we will take appropriate steps to:

  • Assess the nature and scope of the incident

  • Contain and mitigate potential impacts

  • Investigate the cause

  • Implement corrective actions where necessary

  • Meet any applicable legal or regulatory obligations

9. Employee and Contractor Responsibilities

Anyone acting on behalf of Rumos Advisory is expected to handle information responsibly and maintain appropriate standards of confidentiality and security.

Information security responsibilities apply to all business activities involving client, supplier or company information.

10. Continuous Improvement

Information security is an ongoing process.

Rumos Advisory periodically reviews its security practices, technologies and processes to support continual improvement and maintain appropriate protection for information assets.

11. Contact Information

For questions regarding this Information Security Statement, please contact:

Rumos Advisory Ltd

Email: contact@rumosadvisory.co.uk

Website: https://rumosadvisory.co.uk

12. Statement Review

This Information Security Statement may be updated periodically to reflect changes in business operations, technology, regulatory requirements or security practices.

The latest version will always be available on this website.