GDPR Readiness Statement
Introduction
On 25th May 2018 the General Data Protection Regulation (GDPR) became effective and replaced the previous Data Protection Act of 1998. GDPR outlines the responsibilities of an organisation which holds and processes the personal data of individuals within the EU.
Intellicentrics have always been committed to offering the most compliant service possible to all of our customers and employees. This continues with the introduction of GDPR.
Preparing for GDPR
In preparation for the introduction of the new regulations Intellicentrics have undertaken multiple steps, key areas listed below:
- Designated a Data Protection Officer
- GDPR Employee Awareness Training for existing and new employees
- Introduced a Data Asset Register for all personal data within the organisation and applications.
- Including the collection, processing retention and deletion of any personal data.
- Identified risk (Privacy Impact Assessment) and added new measures for all future application development.
- Reviewed all Policy and Consent statements
Our Customers
We understand GDPRs impact on organisations and want to ensure our customers that all personal data shared within our applications are processed compliantly to current and future data processing regulations.
Subject Access Requests
Intellicentrics can provide support (listed below) for customer data we hold and process:
- Personal data Subject Access Requests
- Retention periods and deletion of personal data
- Data portability requests
Data Breaches
Intellicentrics have a pre-defined procedure for managing a data breach. This process includes the Identification, Review and Reporting such incident to the relevant controller.
Please note that Intellicentrics have and will continue to provide comprehensive security measures to protect against data breaches.