What is GDPR?
The General Data Protection Regulation (GDPR) was developed to create cohesive data privacy laws that serve to protect the personal data of all EU citizens. Any organization that offers goods or services to, or monitors the behavior of, EU citizens, are impacted by the GDPR
What have we done about GDPR?
Our Supplier Privacy & Security Policies
The EU’s GDPR homepage
A PDF version of the GDPR (as of April 6, 2016) http://data.consilium.europa.eu/doc/document/ST-5419-2016-INIT/en/pdf
Cloud Services Provider AWS GDPR Compliance: https://aws.amazon.com/compliance/gdpr-center/
Cloud Services Provider Azure GDPR Compliance: https://www.microsoft.com/en-us/TrustCenter/CloudServices/Azure/GDPR
Microsoft’s GDPR Readiness Assessment: https://assessment.microsoft.com/gdpr-compliance
Frequently asked questions
What steps have you taken to become GDPR compliant by the May 25th deadline?
- We completed our audit and conducted a gap assessment in December
- Following from the gap assessment, we created an internal roadmap to make sure we are compliant with GDPR come 25th May 2018
- We engaged our security team to consider and perform the necessary changes/improvements to our service infrastructure based on requirements identified in our gap analysis
- We reviewed our key third party vendor arrangements, and made sure we had the appropriate contractual protections in place to satisfy GDPR
- We have updated our internal policies and procedures for GDPR compliance
- We have updated our external facing policies to be GDPR compliant and will be publishing those updated policies prior to the GDPR effective date
Do you have a data protection officer?
Yes, our DPO is Steve Dunmall and can be contacted by email email@example.com
Do you have a dedicated security team?
Yes, in November 2017 we formalised a new division within the group of companies (Total Technology Group) dedicated to handling both internal and client security. More information about our security services can be found under the Managed Security page.