The EU General Data Protection Regulation (GDPR) is a significant step forwards in standardising data protection requirements across the EU. Here at sales-i, we welcome the GDPR and are proactively working to ensure complete compliance and education of our employees in advance of the May 2018 deadline. Below are some of the most common questions we receive from our customers surrounding our processes to ensuring we comply fully with the GDPR.
What is the GDPR?
The GDPR comes in to effect on Friday 25 May 2018. It replaces the Data Protection Directive 95/46/EC and it has been designed to harmonise data privacy laws across Europe to protect and empower all EU citizens data privacy and to reshape the way data privacy is approached across organisations. The full details of the directive can be found here.
Other useful resources about GDPR can be found on the Information Commissioners Office website here.
What is sales-i doing ensure compliance?
In response to the new GDPR regulation, sales-i has been working to understand the requirements to ensure we are fully compliant with this new regulation. As the date for compliance approaches we are continually evaluating any additional requirements or restrictions that are being imposed under this regulation and we will take every action necessary to ensure our customers’ data is handled in compliance with the applicable law by the date the regulation is enforced.
Has buy-in been secured at executive level to ensure we have the required resources and budget on hand to move our GDPR project forward?
Buy-in has been secured at the highest level within our organisation. This new regulation is being taken seriously and the necessary resources and budget have been allocated to ensure we are compliant.
Is there a project at sales-i to ensure compliance with GDPR by the May 2018 deadline?
Yes, we have been tracking the GDPR legislation throughout its evolution to ensure complete compliance by the required date.
Has sales-i considered how it will handle employee data?
Yes, this is included in our GDPR project.
Do customers need to have a Data Processing Agreement with sales-i?
Where we are the data processor, we are currently working on updating our contracts with relevant controllers to ensure they include the mandatory provisions set out in Article 28 of the GDPR. In relation to our customers, sales-i is the data processor and our customer is the data controller.