The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonise data privacy laws across Europe. The enforcement date is 25th May 2018.
To demonstrate our accountability and show we take Data Protection seriously, we have been working with external consultants, Databasix, since November 2017 with our implementation plan.
We have gone through the recommended process with the support of our external consultants to consider:
- An update of our policies
- Verification of our security around the data we hold and the use of encryption
- A review of our day to day procedures and how data is stored
- The use of a secure online portal for data transfer between ourselves and our clients
- The completion of our asset register considering how we receive data, why, how we use it and the risk associated with its management
- Undertaken training for all our team
We are registered with the Information Commissioners Office # Z8329411
You can read our Privacy and Cookies Policy by clicking here