GDPR is here and it applies to you
The GDPR is the new EU-wide data privacy law that protects individuals' personal information. It replaces the UK's Data Protection Act and will apply after Brexit.
Under this regulation, organisations are accountable for complying with the law, for being able to demonstrate compliance and for protecting the data of the people whose information they hold.
It applies to all companies in the EU that process information on individuals, and to those outside the EU that hold or process data on people within the EU. So, if you have employees, customers, suppliers or prospects (or all of these), then you have personal data in your systems that needs to be protected.
Apart from protecting the data, you also need to have a clear purpose and a legal reason for holding it. And the people whose information you hold have rights, so it's important to understand the law and what you need to do to be on the right side of it. You can find all the information you need here: guide-to-the-general-data-protection-regulation-gdpr. And we can recommend someone who can help you get there.
So what are we doing about it?
We took expert advice and invested in some GDPR consultancy to review our systems and processes and made the recommended changes to ensure we are compliant with the law.
We updated our Privacy Policy
The Privacy Policy on our website is GDPR compliant. It outlines what personal data we may hold, why we have it and what we do with it. It also tells you how we take care of it and what the data owners' rights are.
We updated our Data Protection policy
We reviewed our policies and practices around data protection and retention and made them even stronger, to secure the personal information of our business partners and employees.
We put a GDPR Compliance Statement in place
To show that we are compliant and demonstrate our commitment to data privacy, we developed a statement that gives our clients reassurance around our handling of personal data and our respect for the law. This is available for clients to sign on request.
We’ve ensured our vendors are secure
We have reviewed our processors and the companies that host our data to obtain reassurance of their compliance. There are GDPR-compliant data processing terms and conditions in place with all suppliers that may handle your personal data.
Questions?
Feel free to reach out to us if you have any questions about the GDPR – we’d be happy to chat about it.