The General Data Protection Regulation (GDPR) legislation has implications for any organisation that operates in the EU or holds data on EU citizens. GDPR is an update on the Data Protection Act 1998 that has been in force since 1998. It imposes new rules on companies that hold data on EU residents.
Who is affected by the GDPR?
Each business operating in the EU is affected by the GDPR, and we are being pro-active in complying with the Regulation. The Information Commissioner has confirmed that GDPR will apply in the UK when it comes into force in 2018 and will remain after the UK leaves the EU.
How does this affect me?
Data in your ClarionCall system will already be secure and stored in such a way to comply with the Data Protection Act 1998. However, some changes will be needed to meet the GDPR’s demands such as ensuring that our current data retention and deletion policies are communicated clearly to you.
How can ClarionCall help you?
ClarionCall’s system has been supporting their clients’ Data Protection obligations for many years. ClarionCall has engaged an external company to audit our processes and policies to assess our present position and produce a road map to ensure compliance with the GDPR. At present:
- our current policies comply with the new Regulation
- your data is stored in the UK
- our suppliers have been informed and as they are based within the EU, they are currently taking steps to comply with the GDPR.
We will need to:
- clarify the procedure for subject access requests
- introduce a GDPR compliant policy on data deletion
- clarify the ‘right to be forgotten’ and data deletion
We will continue to keep you informed of our progress in GDPR compliance.
23 October 2017