The countdown is officially on! There are now less than 100 days until the new European Union (EU) General Data Protection Regulation (GDPR) kicks off on the 25th May 2018. It will affect all organisations in the EU that store or process personal data.
We have been continuously assessing our role and our ongoing commitment to our high standards of privacy, security, compliance and transparency. This will ensure that we will be ready and compliant with GDPR regulations when they come into effect.
We also recognise our duty to customers and will assist in preparing for their role as Data Controllers.
We’ve prepared a list of commonly asked questions that we are likely receive.
What is the GDPR?
GDPR is a new legal framework for data protection laws in the EU.
It aims to harmonise the current 28 different data protection sets of laws in place. Meaning there is only one law for the entire EU. It will also massively increase the rights of an individual by giving them more freedom to have an input on what, how, why, where and when their personal data is used.
Are Aryza GDPR compliant and if not, what are your plans to do so?
While we have always placed the highest priority on our data security under the current Data Protection laws, our aim now is to achieve compliance by time the regulation takes effect.
We are taking steps to ensure GDPR readiness. We have put together a dedicated internal team who are currently reviewing all our data handling activities and the requirements of the GDPR, both for the Data Controllers and Data Processors as part of our GDPR Roadmap. They have been adhering to the Information Commissioners Office (ICO) guidance on GDPR to ensure that all our products are fully compliant by the May 25th deadline.
We have completed a Data Protection Impact Assessment (DPIA) which has allowed us to take measures to fill any gaps.
Everyone here at Aryza will take part in GDPR readiness training. This will ensure we are all able to answer any of our customer queries.
We are also working on approaches that will allow our customers to handle subject access requests, right to be forgotten requests and help with their data retention polices across all of our applications.
Does Aryza have a Data Protection Officer?
Yes, we do. Her name is Lorraine Surlis. She will be our point of contact for all data protection related queries email@example.com.
Third Party Contracts
Aryza are also reviewing our suppliers to ensure that all our partners continue to apply the same high standards of data protection in line with GDPR requirements.