01158968860
THE GENERAL DATA PROTECTION REGULATION (GDPR) WILL APPLY IN FULL AS OF 25 MAY 2018
The GDPR will significantly change and update the data protection regime across the EU. One Connectivity have reviewed where and how this impacts on our business including, amongst other things, the production of new contracts for our partners and customers. One Connectivity employees have on the 23/4/2018 completed privacy and security training and all our relevant policies have been updated to ensure compliance with GDPR.
Every business that handles personal data (which includes you) will need to take steps to adapt and comply with the new regime. Taking action now will minimise the risk of the (increased) GDPR sanctions for non-compliance as well as the reputational exposure, which will cause direct damage to your business.
The principles in GDPR are broadly similar but stricter than the existing eight principles in the Data Protection Act.
They are:
• Lawfulness, Fairness and Transparency; for every individual/ company and organisation
• Purpose Limitation; how One Connectivity must limit and manage the data held
• Data Minimisation; ensuring the data held by One Connectivity is limited to its legal requirements
• Accuracy; All data One Connectivity hold is accurate at all times is accurate
• Storage Limitation; One Connectivity ensure the limitation at all times in accordance with contractual obligations
• Integrity and Confidentiality; One Connectivity internal processes adhere to the integrity/ confidentiality and privacy policies at all times and ensure that we not only deliver on GDPR but give assurance guarantees to our customers and suppliers.
OBLIGATIONS
One Connectivity are directly responsible for compliance with data protection law, which is significant change for not only us but most of our customers and all of our partners.
The key new areas;
• Our obligation to maintain records and processing carried out on behalf of data controller and (where applicable) representatives and the data protection (DPO) for each; categories of processing for each data controller; transfers of data outside the EEA, including identification of appropriate safegurads; a general description of technical and organisational security measures. This is sometimes referred to as a Privacy Policy/ Notice;
• An obligation to implement appropriate data security measures and notify data controllers of security breaches (so this includes us if there has been a breach under the GDPR);
• We have appointed an officer to offer full support to all customers and partners; for any questions or queries, please email gdpr@oneconnectivity.co.uk
