What we’re doing about the GDPR?
We started educating our staff and preparing for compliance in 2017 and since then we have completed a number of steps.
- Identified key areas where our business and products are affected by the GDPR, what information do we collect and process and how this information flows through our company and implementations of our products;
- Created a roadmap on how to become fully compliant before May 25th;
- Implemented changes in our internal processes and procedures to achieve and maintain compliance;
- We have started a ISO/IEC 27001:2013 certification process;
How are we helping our clients become GDPR compliant?
As a software solution provider we are committed to helping all of our clients become GDPR ready. We understand that every company’s journey to GDPR compliance is different but the security and privacy measures implemented in our products, take the weight off our clients in key areas. Since the latest release of our CMS we have done the following:
- Improved the security of our products beyond the requirements of Article 25 and 32 of the GDPR;
- Documented our security measures and how data is protected in our products so our clients can demonstrate technical compliance;
- Mapped the commonly used personal data structures in our product and the flow of the data through the system;
- Developed new accountability instruments in the administrative panel;
- Created tools assisting controllers with individual’s rights under the GDPR including data portability, right of access, restriction of processing, right to erasure etc.;
- Designed tools for managing the entire digital consent lifecycle;