We care about your privacy.
The General Data Protection Regulation (GDPR) governs all businesses in the UK. This is a European regulation to ensure individuals privacy and rights are protected when information about them has been collected or processed.
The key pillars of GDPR are as follows:
- Individuals privacy is respected, and process and systems uphold this.
- Right for the individual to request all data about them is deleted.
- Right to move the data from one data controller to another.
- Individual has control over their own data and how this data may be used.
- Transparency for data handlers, if a breach occurs then the data protection authority and the individuals affected within 72 hours of breach discovery.
- Severe non-compliance fines for businesses who do not adhere to the Regulation.
What have we done about this?
A full pre GDPR audit was carried out at Online Systems with the resulting actions being completed:
Key compliance policies updated and shared with all staff.
GDPR and general IT Security training sessions are undertaken by all staff.
Scoping of development of our internal CRM to allow for easy extraction of individuals data in the event of a Subject Access Request and subsequent removal if applicable.
Where is our data held?
No data processed or managed by Online Systems resides outside of the EU or is shared with 3rd parties (unless legal regulations dictate otherwise). Customer data that is held within the cloud resides in either Ireland or the Netherlands.
If you have any queries about either GDPR or your personal data please contact us here firstname.lastname@example.org.