+44 (0) 1274 288 270 / +1 (888) 409 1917


Support are here to help between 08:00 – 23:00 (UK) Monday to Friday.

General Data Protection Regulation (GDPR)

As of 25 May 2018, European data protection legislation will be updated for the first time in 20 years. The EU General Data Protection Regulation (GDPR) replaces the 1995 EU Data Protection Directive. The GDPR strengthens the rights that individuals have regarding personal data relating to them and seeks to harmonize data protection laws across Europe, regardless of where that data is processed.

You can rest assured that Sun Branding is committed to GDPR compliance. We are also committed to helping our customers comply with the GDPR by providing stringent privacy and security protections that are built into our master service agreements.

What we're doing...
Sun Branding Commitments to GDPR


We have verified that our applications, e-flow, e-halo, have all of the necessary functionality for compliance with the GDPR. We are actively establishing user’s consent to share their profile details with user users and withholding that information when consent is not given. The method we use for deletion and retention of data is acceptable for use under the GDPR. This verifies to our customers they are using software that is going to keep them compliant when May 25th, 2018 comes around.

Data Processing

Any data that a customer and its users put into our systems will only be processed in accordance with the customer’s instructions, as described in our current master service agreements, terms and conditions, as well as our GDPR-updated data processing agreements.

Data Erasure

Organisation Administrators and Sun Support can delete user profile data, at any time during the term of the agreement. We are always working to enhance the robustness of the data export capabilities in e-flow. Sun Branding store data backups for two weeks before the backups are replaced fully and any old data is removed.
You can make a erasure or processing restriction request by CLICKING HERE

Data Protection Co-ordinator

The Sun Branding Data Protection Co-ordinator is: Martin Hawkins
Any questions can be directed to him regarding data protection concerns.

Making a Data Subject Access Request

You can make a Data Subject Access Request (DSAR) by CLICKING HERE

Standards & Certifications

Our customers expect independent verification of security, privacy, and compliance controls. The Sun Digital team undergo several independent third-party audits on a regular basis to provide this assurance:

ISO27001 Accredited

Sun Branding has been independently audited, and meets the requirements for BS EN ISO 27001:2013 registration.

Data Protection Registration

Sun Branding is registered with the Information Comissioner’s Office (ICO). This means we are contractually committed to delivering our services in compliance with the Data Protection Act (DPA).

Registration Number: Z9466390

Penetration Testing

We commission regular independent penetration testing of our infrastructure, to ensure we keep our system free from vulnerabilities. With many high profile customers in the financial sector, we recognise the need for tight security at a very technical level.

Promoted articles