What is GDPR?
On May 25th, 2018 a new European regulation called The General Data Protection Regulation (GDPR) came into effect. This ensures the rights of EU citizens are meeting basic data protection standard. The aim of this regulation is to make sure citizens personal data sent and received are protected and this regulation will be implemented throughout the UK and EU.
Businesses that store or collects data related to an EU citizen must comply with the following:
The Right to Access
Users have the right to request access to their personal data and to ask how their data is used by the company after it has been gathered.
The Right to Be Forgotten
If a user is no longer a customer, or if they withdraw their consent from a company to use their personal data, then they have the right to have their data deleted, the right to be forgotten.
The Right to Data Portability
Users have a right to transfer their data from one service provider to another. It must also happen in a commonly used and machine readable format.
The Right to Be Informed
Any gathering of data by companies must inform the user before data is gathered. Users have to opt in for their data to be gathered, and consent must be freely given rather than implied.
The Right to Restrict Processing
Users can request that their data is not used for processing. Their record can remain in place, but not to be used.
The Right to Object
The right of users to stop the processing of their data for direct marketing. There are no exemptions to this rule, and any processing must stop as soon as the request is received. Furthermore, this right must be made clear to individuals at the very start of any communication.
The Right to Be Notified
If there has been a data breach which compromise users’ personal data, the individual has a right to be informed within 72 hours of first having become aware of the breach.
GDPR & Data Protection
The General Data Protection Regulation (GDPR) became a reality due to the way many people’s personal data has been treated in the past. Companies would treat peoples data as a resource they could utilise without regard to the rights of the individual. GDPR will allow people to control their personal data and requires businesses to make data protection a core part of their business operations.
This is why at Clydewire we will only store your personal data if you have consented us to do so. Data security is a big part of GDPR and being within the EU. We have a responsibility to keep your data safe. That’s why it’s important to ensure that any personal data we store is secure.
The type of data we store ranges from, name, address, email address, bank details, photos and ip addresses.
At Clydewire we use your data for business and marketing communication. We only pass on your data to third parties in relation to referral of new business. You can be sure that your data will be secure. We store your personal data on our encrypted secure servers and all staff are trained in the security of such sensitive information.
If any individual should wish to view their data at any time, we will happily oblige. We will safely remove and destroy any of your data should you wish us to do so, within 1 month of you asking us.
Our staff fully understand what a breach of personal data is and know to report it to the DPO straight away. Should we source any work out to a third party, we ensure they are compliant with GDPR beforehand. This is to ensure that your personal data is secure and safe.
If you have any questions please don’t hesitate to contact us