What steps have we taken to comply with the GDPR

An awful lot of work has gone into ensuring that we are in strict compliance with the GDPR.

Working with our legal partners ClearComm we’ve taken a structured approach to complying with the GDPR:

  • All staff undertook GDPR training via ClearComm (our GDPR compliance team).
  • A discovery stage outline the broad scope in terms of how we can comply
  • A detailed data mapping and gap analysis identified which areas of the business required amendments, additions or great controls.
  • A retention policy was initiated
  • All policies and procedures were reviewed

Any organisation which has undertaken the necessary measures to comply with the GDPR will be aware that this area is both broad and complex.  Alignment is not a one-time process and we have implemented measures within our business to ensure we remain compliant.

Who does the GDPR apply to?

Any organisation which processes or holds the personal data of data subjects residing in the EU will be obliged to abide by the laws set out by the GDPR. This applies to every organisation, regardless of whether or not they themselves reside in one of the EU member states.

What is GDPR?

GDPR stands for General Data Protection Regulation and is the new European Union Regulation set to replace the Data Protection Directive (DPD) and The UK Data Protection Act 1998. It was approved by the EU Parliament on April 14th 2016 and is enforceable from 25 May 2018.