Protecting our members and users data: GDPR and what we are doing

Published: 02 March 2018

With the General Data Protection Regulation (GDPR) coming into effect in May, we are making changes to our policies, processes, services and systems to ensure that we comply with the Regulation and continue to put data protection first.

GDPR: A new data privacy landscape

From 25 May 2018, organisations who handle personal data will need to meet new legal requirements, as the General Data Protection Regulation comes into effect across the EU (replacing the 1995 EU Data Protection Directive).

On the same day, the UK’s Data Protection Bill will pass into law, as the Data Protection Act 2018, effectively implementing the GDPR into UK law.

GDPR, and the forthcoming Data Protection Act 2018, expand the privacy rights granted to data subjects (EU/EEA individuals) and place greater obligations on organisations who handle personal data of those individuals (data controllers and processors), wherever those organisations are based.

The Regulation and accompanying UK Act will standardise data protection laws across EU member countries (and post-Brexit UK), giving EU and UK citizens greater control over their personal data. For example, making it easier to understand how your data is being used, and ensuring that the organisations you entrust with your data are taking care of it.

What we’re doing to comply with GDPR

As an organisation that handles personal data (e.g. name, email and address), Axisweb is committed to ensuring that we are compliant with GDPR.

Some of the steps we have taken and are taking include:

  • mapping all data handled by Axisweb

  • analysing GDPR requirements against our current processes and policies

  • making changes to our services and processes in line with requirements
  • reviewing and updating contracts, as and where appropriate

  • training all staff on the requirements of GDPR and Axiswebs’ data privacy procedures.

While there are boxes that need ticking, Axiswebs’ approach is not only to fix immediate issues, but to implement ‘privacy by design’. We aim to ensure that data privacy is a day to day consideration across the organisation and central to how we work.

Author: Axisweb

Share this

< Fierce and Urgent Conversations Fierce and Urgent Conversations >