Abacus Systems

Privacy Policy

Effective date: 28 July 2025

Introduction
At Abacus Systems, safeguarding information and privacy is central to our daily operations. We are committed to managing data responsibly while ensuring compliance with industry regulations, including EU-GDPR. This policy outlines our approach to maintaining high security standards across our business processes.


Policy Purpose & Compliance
This policy serves as a guide for how Abacus Systems manages personal information across our organization. We comply fully with data protection laws, particularly EU-GDPR, and adhere to ISO 27001 & ISO 27552 standards to ensure strong security measures are in place.


Leadership & Accountability
Stephen Mullin has been appointed to lead our Information & Privacy Security efforts. He is responsible for implementing security initiatives, communicating policies, and ensuring awareness both internally and externally. Security considerations are an integral part of our management discussions to maintain compliance and continuous improvement.


Key Security Commitments
Abacus Systems is committed to maintaining strong security practices across all operations. Our priorities include:

  • Regulatory Compliance – Meeting all relevant legal and regulatory requirements while minimizing security risks.
  • Employee Awareness – Providing training, resources, and guidance to ensure staff understand security responsibilities.
  • Data Protection Training – Educating employees on safeguarding customer and business information.
  • Continuous Security Improvement – Regularly reviewing policies and security practices to align with ISO 27001 principles.
  • Performance Monitoring – Setting clear security objectives and tracking progress through audits and assessments.

Data Processing Principles (GDPR Compliance)
Our approach to data processing aligns with the principles set out in Article 5 of the GDPR:

  1. Data Collection & Processing
    • Personal data is collected only for legitimate business purposes.
    • The minimum necessary amount of data is processed.
    • Additional controls are in place when handling children’s information.
  2. Data Security & Retention
    • Personal information is securely stored, kept up-to-date, and retained only as long as legally required.
    • Systems are in place to safeguard data from unauthorized access or misuse.
  3. Regulatory Compliance & Individual Rights
    • Abacus Systems respects individuals’ rights to their personal information.
    • Transfers of personal data outside national boundaries occur only under strict security measures.
    • Appropriate regulatory considerations are made when offering services across borders.

Risk Management & Auditing
Our risk assessments focus on maintaining the Confidentiality, Integrity, and Availability of company information and systems. We identify potential vulnerabilities, implement mitigation strategies, and conduct regular audits to ensure ongoing security.


Internal Audit & Policy Oversight
We have established an Internal Audit Programme to continually assess and improve our security framework. All processes—both operational and support—fall within the scope of our audits to ensure compliance and effectiveness.


Final Notes & Accessibility
This policy is available to all employees via our internal documentation system and is also published on our company website, www.abacus.ie, for reference.
