Protecting and defending our customers's privacy is our top priority. The General Data Protection Regulation (GDPR) will be in effect from 25th May, 2018. See what APPSeCONNECT has done to prepare for it and how we are implementing several updates across sales, marketing, operations and product.
What you need to know
What is the GDPR?
On April 14, 2016, the European Parliament approved the General Data Protection Regulation (GDPR ). This creates a new regulatory framework unifying data protection laws across the 28 EU member states and replaces the current EU Data Directive. The GDPR comes into effect on May 25, 2018.
How does the GDPR apply to us?
The GDPR applies to all organizations located in the EU and all organizations outside the EU offering goods and services (irrespective of payment) to, and/or monitoring the behaviour of, individuals in the EU. Primarily, as a Data Processor with legitimate business interests, we welcome GDPR compliance to enhance the security of our service offerings.
What are the GDPR key requirements we are focusing on?
(A) Emphasis on data control : Under the GDPR, individuals will have the following new and enhanced features to:
- Access personal data
- Correct data inaccuracies
- Have data deleted/erased
- Prevent direct marketing
- Restrict automated decision-making and profiling
- Data portability
We are creating simple-to-use communication channels for our EU data subjects to reach out to us to exercise these rights seamlessly.
(B) Emphasis on data process : New and enhanced requirements:
- 72 hour breach notification
- Performance of regular risk assessments and privacy impact assessments
- Privacy by design embedded throughout the organization’s systems, technologies and processes
Our Cybersecurity processes have been fine-tuned further to perform incident management, risk management & treat privacy by design at the core of our technology competence.
What is Our GDPR program?
Understanding our data landscape and how the use, movement and sharing of that data is managed today provides the baseline for us to meet GPDR in spirit & design. We are putting our energies in strengthening these 8 domain areas to have a better coverage of GDPR:
- Strategy, Governance and Accountability
- Data Subject Rights & Processing
- Privacy Notice & Policy Management
- Risk Management & Compliance
- Data Lifecycle Management
- Incident Response & Breach Management
- Third Party Risk Management
- Data Security
What does it mean for our clients & partners?
Nothing changes for our clients, except that we would be able to build better and deliver best working experience to them. In some rare cases, where GDPR restricts our ability to work with certain clients & partners due to non-compliance at their respective ends, we don’t see any impact at all. Overall, we really feel GDPR as a fantastic global opportunity to serve our customers with an awesome array of our secured services.
Queries on GDPR?
We would be happy to answer any queries you have for us. Kindly contact us on firstname.lastname@example.org