GDPR @ Propeller
General Data Protection Regulation (GDPR)
You are probably already aware that the rules are changing regarding the Data Protection Act and we need to inform you about the steps Propeller Design Ltd (Propeller Design) are taking to ensure you benefit from the new rules and enhanced protection.
WHAT IS CHANGING?
On the 25th May 2018, new rules for safeguarding information come into force. They will be referred to as the General Data Protection Regulation (GDPR) meaning that any company handling your personal details will have to:
- Process information fairly and lawfully.
- Retain your information for limited purposes and in an appropriate way.
- Ensure that information requested must be adequate, relevant and not excessive for the purpose.
- Take steps to ensure all information held by a firm must be accurate.
- Ensure that any information must not be kept longer than necessary for the purpose you provided it.
- Ensure that information is processed in line with data subjects’ rights.
- Put in place measures that keep data secure at all times.
- Ensure data is not transferred to people or organisations situated in countries without adequate protection.
SPECIFIC STEPS Propeller Design ARE TAKING
- We have been checking and adapting our processes to ensure they conform to the requirements of the new GDPR.
- We are working with our product providers to ensure their continued compliance with Data Protection legislation.
- We will be reviewing and updating your Terms & Conditions and other client documentation to ensure they are accurate for when GDPR legislation comes into effect.
- We have adapted our ongoing staff training to ensure all their understanding of the new rules and responsibilities when processing data you provide as a client of Propeller Design.
ENHANCED CYBER PROTECTION
Propeller Design has achieved certification in the Government’s Cyber Essentials programme which aims to mitigate the risk from common internet-based threats. Cert No (to follow)
THE NEW REQUIREMENTS WILL BE INCORPORATED INTO OUR SYSTEMS
Clarification on the finer GDPR detail is still evolving via the Information Commissioner’s Office (ICO), which is the governing body for data protection in the UK. We are monitoring developments closely and, if necessary, will introduce and/or refine our processes accordingly before the new rules coming into force.
SPECIALIST THIRD PARTY AUDIT
We have appointed a specialist third party to undertake a detailed audit to ensure we continue to meet the requirements of the ICO before the new rules come into effect.
Propeller Design will be ready for the requirements of GDPR when the rules apply from the 25th May 2018. Many aspects of the new regulations have already been implemented and we will continue to monitor the ICO for new developments.
If you have any questions about the GDPR and how it affects you, please contact us.