For the past 5 years we’ve held the ISO 27001:2013 certification at Polaris, and we are now pleased to strengthen our dedication to information security with the adoption of the new ISO 27001:2022 standard.
This certification underscores our continuous commitment to maintaining the highest levels of confidentiality, accuracy, and availability of information across our organisation.
Read on to learn about how ISO 27001 impacts Polaris, our clients, and stakeholders, and the benefits the new standard brings to our operations.
ISO 27001 is the most widely adopted international information security standard and is used by organisations all over the world. It provides a comprehensive framework that helps organisations develop and maintain an Information Security Management System (ISMS).
ISO 27001 includes a set of control objectives and activities to help organisations reduce their risk of data breaches and security incidents showing an organisation’s commitment to protecting their critical data assets and complying with applicable laws and regulations.
ISO 27001 provides our customers with an internationally recognised hallmark of excellence in data security. This allows Polaris to operate, monitor and continually improve an Information Security Management System (ISMS) that is independently audited every 6 months.
Whilst Polaris would be deemed a small organisation with a single office and less than 25 staff, our ISMS scope includes the interests of our stakeholders and customers of our industry wide services, across general insurance, in the UK and Ireland. This supports our position in the market as an industry owned provider of essential and core products that are widely used and trusted by the industry.
This year, Polaris is implementing the ISO 27001:2022 standard, a new standard reflecting a modernised version aligned with current global trends.
Implementing the ISO 27001:2022 standard enhances our organisation’s security profile offering robust protection for sensitive information and mitigating potential risks. This new standard provides a more structured approach to risk management, ensuring that we can identify and address vulnerabilities proactively. Additionally, it further streamlines our operations by establishing clear security policies and procedures and reinforces our credibility with clients.
The ISO 27001 standard continues to adapt to changes in the business environment, providing guidance for organisations in monitoring, protecting information, and enhancing risk and threat analysis. At Polaris, we remain committed to staying updated with the latest standards.
View our ISO certification & Statement of applicability
Click to view
ISO Certificate
Statement of Applicability
If you would like to learn more about our ISO certification journey, contact us at [email protected] and read our previous articles, here and here.
Please read these terms before using the Polaris.co.uk website (“the Site”).
By using the Site you signify your acceptance of these terms. If you do not agree to these terms please do not use the Site.
The purpose of the Site is for insurers, brokers and members of the software industry to be provided with information about Polaris U.K. Ltd (“Polaris”), our software products and services and information about insurance industry standards. We do not sell any of our software products via the Site, but if you wish to licence such products you can contact Polaris (0207 265 5765) or use our contact us page to arrange a licence. As a licensee you will be able to download the applicable products via the Site. Please note that the Site is not intended for use by the general public.
We have taken every care in the preparation of the Site. However, as certain technical matters may be beyond our control, we cannot guarantee that you will have uninterrupted access to the Site at all times.
The information that is provided on the Site has been included in good faith for general informational purposes only. It should not be relied upon for any specific purpose and no representation or warranty is given as to its accuracy or completeness and you hereby acknowledge that any reliance upon the information on the Site shall be at your own risk.
We reserve the right to amend any of the content of the Site from time to time without notice to you.
We reserve the right to amend these Terms from time to time without notice to you. Any such amendment shall be effective once the revised Terms have been posted on the Site. As these Terms may be updated from time to time, we suggest that you check them whenever you visit the Site. If you do not agree with the amended Terms you must discontinue using the Site.
Links to other websites are not endorsed nor do Polaris take responsibility for the content of other websites, or are responsible for the availability of them and will not be liable in any way for any loss or damage which you may suffer by using those websites. If you decide to access linked websites you do so at your own risk.
imarket, ProductWriter and all brand, product and service names used on the Site are trademarks, trade names or service marks of Polaris unless otherwise stated. You may not distribute products or offer services under or by reference to or otherwise use or reproduce any such trade marks, trade names or service marks without the prior written permission of Polaris or the owner of such trade marks, trade names or service marks.
You may not publish, distribute, extract, re-utilise or reproduce any part of the Site in any material form (including photocopying or storing it on any medium by electronic means) other than in accordance with the limited use licence set out in the Copyright Notice section below or as permitted by the Copyright Designs and Patents Act 1988 or the Copyright and Rights in Databases Regulations 1997 as applicable or any equivalent legislation as may apply in the UK.
7.1. User generated content
7.1.1. Keep it relevant
For everyone’s benefit, please stay on topic. The Community is specifically provided to allow users and customers of ProductWriter to help each other in using our software. Please refrain from discussing personal matters, abusing any company or product, or, in general, from posting in a manner unrelated to ProductWriter.
7.1.2. Keep it courteous
Please refrain from posting anything unlawful, libelous, defamatory, obscene, pornographic, indecent, lewd, harassing, politically sensitive, threatening, harmful, invasive of privacy or publicity rights, abusive, inflammatory, or otherwise objectionable or injurious to third parties[SW1] .
7.1.3. Keep it legal
It is unacceptable to post any material (i) that would infringe on any patent, trademark, trade secret, copyright, or other proprietary rights of any party, (ii) that contains software viruses or any other computer code or files that are designed to disrupt, damage, or limit the functioning of any software or hardware, (iii) that is deemed to be illegal by any local, or international law, rule, or regulation, or (iv) that suggests or encourages illegal activity.
7.1.4. Keep confidential information confidential
You may not use the Community Hub to disseminate or discuss any confidential information or personal data (as defined by the General Data Protection Regulation) about you, your company, Polaris, or any other person or entity. You are solely responsible to ensure that anything you post does not contain information that may be deemed confidential or to be personal data by a third party. This includes any proprietary information, trade secrets, the terms or existence of Polaris related agreements, nondisclosure agreements, sales or service agreements, any data identifying or relating to an individual, or any other information that may be deemed confidential.
7.1.5. Polaris retains the right to remove content and limit user’s access
Polaris retains the right, at its sole discretion, to limit users’ access to the Community Hub and to remove material that, in Polaris’s sole judgment, does not comply with the current Community Usage Guidelines, or that is otherwise inappropriate, harmful, objectionable, or inaccurate. Moderators may take any action they deem necessary in their own judgment to support the Community Usage Guidelines, and, in general, prohibit content that can detract from the experience of other users or the purpose of the support community. Such actions may include editing or deleting material and suspending individual users. Violation of the Community Usage Guidelines or other terms could result in the suspension or termination of your access to these services. If your account is suspended, you will not be able to sign in.
7.1.6. Disclaimer of Warranties and Limitation of Liability
Members like you are providing most of the material in the ProductWriter Community Hub. Such third-party content is the sole responsibility of the person originating the material. Polaris does not control and is not responsible for this third-party material.
Whilst we have taken care in the preparation of the Site and its contents (including virus checking files which are accessible from the Site), the Site and its contents are provided on an “as is” basis and to the fullest extent permitted by law all warranties (whether express or implied) in respect of the Site and its contents and your use of the same are excluded. Except in the case of death or personal injury caused by our negligence we exclude all liability to you (whether in contract or tort (including negligence or breach of statutory duty ) or otherwise) for any losses sustained arising out of or in connection with the use of the Site including without limitation, loss of profits, loss of data or loss of goodwill (in all of these cases whether direct or indirect) nor any indirect, economic, consequential or special loss.
Notwithstanding the above, we recommend that you conduct virus checks on any files you download from the Site.
The contents of these pages are © Polaris U.K. Ltd. Reproduction of part or all of the contents of our Site in any form is prohibited other than in accordance with the following permissions:
9.1 Licence to copy for personal use:
You may make copies of the web pages from our Site as necessary incidental acts during your viewing of it, and you may take a print for your personal use of as much of our Site content as is reasonable for the purpose of your Company’s business (“Company” means either the insurance, broker or software company which authorised you to access the Site).
9.2 Licence to recopy for limited purposes:
Only Polaris licensees (users of this Site who have entered into a licence with Polaris for the use of its software) may recopy content from our Site to individual third parties but only for their personal information, and only if:
This licence to recopy does not permit incorporation of the material or any part of it in any other work or publication, whether in hard copy or electronic or any other form.
No part of our Site may be reproduced on or transmitted to or stored in any other website or other form of electronic retrieval system.
The Site is operated by Polaris U.K. Ltd (registered number 2911441) and whose registered office and contact address is at:
New London House, 6 London Street, London, EC3R 7LP.
If you have any comments or questions regarding the Site, please contact us.
These Terms are governed by and will be construed in accordance with the law of England and Wales. Any dispute arising under or in connection with these Terms shall be subject to the exclusive jurisdiction of the English Courts.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
| Cookie | Duration | Description |
|---|---|---|
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| CookieLawInfoConsent | 1 year | Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie. |
| rc::a | Session | This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on its use. |
| rc::c | Session | This cookie is used to distinguish between humans and bots. |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
| wp-settings-time | 363 days | Cookie set by the WordPress CMS. Used to customize user’s view of site interface. |
| XSRF-TOKEN | 15 hours | This cookie is set by Wix and is used for security purposes. |
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Third Party ServicesWe use the following third-party services to provide our analytical cookies:
We don't collect or store your personal information (e.g. your name or address) so this information can't be used to identify who you are.
Further information regarding the analytical cookies we use can found here.
| Cookie | Duration | Description |
|---|---|---|
| _ga | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
| _ga_* | 1 year 1 month 4 days | Google Analytics sets this cookie to store and count page views. |
| _ga_8EF0NVDGJH | 2 years | This cookie is installed by Google Analytics. |
| _hjAbsoluteSessionInProgress | 30 minutes | Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie. |
| _hjCachedUserAttributes | Session | This cookie stores User Attributes which are sent through the Hotjar Identify API, whenever the user is not in the sample. Collected attributes will only be saved to Hotjar servers if the user interacts with a Hotjar Feedback tool, but the cookie will be used regardless of whether a Feedback tool is present. |
| _hjClosedSurveyInvites | 1 year | Hotjar cookie that is set once a user interacts with an External Link Survey invitation modal. It is used to ensure that the same invite does not reappear if it has already been shown. |
| _hjDonePolls | 1 year | Hotjar cookie that is set once a user completes a survey using the On-site Survey widget. It is used to ensure that the same survey does not reappear if it has already been filled in. |
| _hjFirstSeen | 30 minutes | Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user. |
| _hjid | 365 days | Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. |
| _hjIncludedInPageviewSample | 2 minutes | Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit. |
| _hjIncludedInSessionSample | 2 minutes | Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit. |
| _hjKB | 1 year | Records the status of the survey pop-up. |
| _hjLocalStorageTest | Under 100ms | This cookie is used to check if the Hotjar Tracking Script can use local storage. If it can, a value of 1 is set in this cookie. The data stored in_hjLocalStorageTest has no expiration time, but it is deleted almost immediately after it is created. |
| _hjMinimizedPolls | 1 year | Hotjar cookie that is set once a user minimizes an On-site Survey widget. It is used to ensure that the widget stays minimized when the user navigates through your site. |
| _hjRecordingEnabled | never | Hotjar sets this cookie when a Recording starts and is read when the recording module is initialized, to see if the user is already in a recording in a particular session. |
| _hjRecordingLastActivity | never | Hotjar sets this cookie when a user recording starts and when data is sent through the WebSocket. |
| _hjSession{site_id} | 30 minutes | A cookie that holds the current session data. This ensues that subsequent requests within the session window will be attributed to the same Hotjar session. |
| _hjSessionRejected | Session | If present, this cookie will be set to ‘1’ for the duration of a user’s session, if Hotjar rejected the session from connecting to our WebSocket due to server overload. This cookie is only applied in extremely rare situations to prevent severe performance issues. |
| _hjSessionResumed | Session | A cookie that is set when a session/recording is reconnected to Hotjar servers after a break in connection. |
| _hjSessionTooLarge | Session | Causes Hotjar to stop collecting data if a session becomes too large. This is determined automatically by a signal from the WebSocket server if the session size exceeds the limit. |
| _hjSessionUser{site_id} | 365 days | Hotjar cookie that is set when a user first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. |
| _hjTLDTest | session | To determine the most generic cookie path that has to be used instead of the page hostname, Hotjar sets the _hjTLDTest cookie to store different URL substring alternatives until it fails. |
| _hjUserAttributesHash | Session | User Attributes sent through the Hotjar Identify API are cached for the duration of the session in order to know when an attribute has changed and needs to be updated. |
| _hjViewportId | Session | This stores information about the user viewport such as size and dimensions. |
| hjShownFeedbackMessage | 365 days | Hotjar cookie that is set when a user minimizes or completes Incoming Feedback. This is done so that the Incoming Feedback will load as minimized immediately if the user navigates to another page where it is set to show. |
| pardot | Session | The pardot cookie is set while the visitor is logged in as a Pardot user. The cookie indicates an active session and is not used for tracking. |
| vuid | 2 years | Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos on the website. |
| Cookie | Duration | Description |
|---|---|---|
| _hjIncludedInSessionSample_2783668 | 2 minutes | Description is currently not available. |
| _hjSession_2783668 | 30 minutes | A cookie that holds the current session data. This ensues that subsequent requests within the session window will be attributed to the same Hotjar session. |
| _hjSessionUser_2783668 | 1 year | Hotjar cookie that is set when a user first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. |
| hubaccesstoken | Session | Records a logged in user’s access token via the Hub system. |
| lpv883703 | 30 minutes | This LPV cookie is set to keep Pardot from tracking multiple page views on a single asset over a 30-minute session. For example, if a visitor reloads a landing page several times over a 30-minute period, this cookie keeps each reload from being tracked as a page view. |
| podaccesstoken | Session | Records a logged in user’s access status to the POD system. |
| polaris_session | 15 hours | Cookie set upon initiation of the user’s current session on the Polaris site. |
| visitor_id883703 | 10 years | The visitor cookie includes a unique visitor ID and the unique identifier for your account. For example, the cookie name visitor_id12345 stores the visitor ID 1010101010. The account identifier, 12345, makes sure that the visitor is tracked on the correct Pardot account. The visitor value is the visitor_id in your Pardot account. This cookie is set for visitors by the Pardot tracking code |
| visitor_id883703-hash | 10 years | The visitor hash cookie contains the account ID and stores a unique hash. For example, the cookie name visitor_id12345-hash stores the hash “855c3697d9979e78ac404c4ba2c66533”, and the account ID is 12345. This cookie is a security measure to make sure that a malicious user can’t fake a visitor from Pardot and access corresponding prospect information. |
| Cookie | Duration | Description |
|---|---|---|
| __cf_bm | 30 minutes | Cloudflare set the cookie to support Cloudflare Bot Management. |
