Protecting your data, ensuring your trust
Top Employers Institute gathers business data and, in some limited cases, certain personal data for communication purposes. Top Employers Institute ensures that all personal data collection complies with GDPR regulations, emphasising transparency.
Top Employers Institute collaborates with several trusted partners (ISO- certified). Each partner adheres to stringent data security protocols and has signed Non-Disclosure Agreements to ensure the confidentiality of client data. These partnerships are crucial for maintaining robust security standards across all data-handling processes.
The storage of data is managed securely, in data centres of our partners. These data centres are equipped with multiple availability zones to ensure redundancy and minimal service disruption in case of any issues.
Our service will be provided on ourportal.topemployers.com and www.forabetterworldofwork.com
Your data, our priority
Access to data is strictly controlled based on the principles of “need to know” and “least privilege.” Only permitted employees and designated client representatives can access the data, ensuring that it is only available to those requiring it for their roles. Access is terminated promptly upon the conclusion of employment or at the client’s request.
Confidentiality is a cornerstone of Top Employers Institute’s data security strategy. All collaborators, including partners and permitted employees, are contractually obligated to maintain the confidentiality of all data.
Top Employers Institute has established efficient procedures for data recovery and deletion. Upon request, data can be recovered or deleted within three working days. While client-specific documents and personal data are deleted, responses to certain survey questions are retained for benchmarking and analysis purposes, ensuring no confidential information is included in the retained data.
Top Employers Institute employs robust internal and external security systems, including encryption for data in transit, to protect against unauthorised access and data breaches.
Secure data, secure future
In the event of a data security incident, we have policies in place to address and manage the situation promptly. We are prepared to inform clients and take necessary actions as outlined in our internal Business Continuity Plan.
We ensure ongoing compliance with legal requirements through regular employee training, ensuring that all employees are knowledgeable about the latest security practices and technologies, such as AI.
Clients have the right to audit our compliance with data security protocols at their own expense.
This data security information overview was updated in March 2025.