COMPELO AND GDPR
The EU General Data Protection Regulation (GDPR), which was approved to replace the previous EU Data Protection Directive, and takes effect May 25, 2018. GDPR replaces the current EU privacy regime — which includes separate data protection laws in each of the EU Member States — with a single data protection law across the EU. GDPR expands the privacy rights granted to EU individuals, and it places many new obligations on organisations that market to, track or handle EU personal data, no matter where an organization is located.
COMPELO welcomes GDPR as an important step forward in streamlining data protection requirements across the EU and as an opportunity for COMPELO to deepen our commitment to data protection.
What is COMPELO doing to comply with GDPR? COMPELO has closely analysed the requirements of GDPR and is working to make enhancements to our products, contracts, and documentation to help support COMPELO’s and our customers’ compliance with GDPR.
The following are some examples of actions COMPELO is taking to comply with GDPR: A. Reviewing our data processing activities to determine which data processing activities and systems are subject to the GDPR. B. Conducting an assessment of our current activities and privacy program against GDPR and mapping our data processing activities. C. Reviewing and updating existing and new third-party service provider agreements to include GDPR-compliant data processing terms. D. Identifying and conducting any necessary data protection impact assessments DPIAs on data processing activities. E. Implementing and updating policies and procedures to address privacy-by-design principles. As part of this we are assessing data processing activities and related risks, and implementing practices and safeguards to mitigate such risks. F. Updating our incident response program to address GDPR’s breach notification standard and requirements. G. Amending and developing internal processes to address and accommodate expanded individual rights requests H. Adopting new tools to manage, document, and renew GDPR compliance requirements. Any other questions? Please feel free to email the COMPELO privacy team at [email protected]