Identify all your active data processors. For each data processor, take note of these following questions:
• Why are you using the data?
• Where is the data stored?
• Do you need this data?
It’s rare that you will come across a data processor that isn’t compliant and has no plans to be by the deadline. If this does happen, it is recommended that you replace them as soon as you can. You will be within your rights to ask your current processor for a copy of your data, and then delete their copy of it as well.
Keep in mind here that holding data opens you up to liability. Unless you deem it necessary to keep the data, it’s ideal to delete it.
Who’s in charge of applying this in your company?
All controllers and/or processors must be able to demonstrate compliance to their local authority through a data protection officer (DPO). Processes should be recorded and put up for review regularly– and employees should be trained and operational measures should be adapted in order to demonstrate this compliance.
The DPO or other experts should be responsible for monitoring your organization’s compliance with GDPR rules.
However, this only applies to organizations that process large amounts of personal data, whether that be employees’ information or individuals outside of the company.
DPO can either be a trained employee designated by data controller organization or an outsourced professional.
Where does VBOUT stand?
Our role as a stakeholder in these new regulations is as a data processor. The services we provide to our clients (the controller) presents us with our own set of responsibilities; including keeping personal data secure from unauthorized access, disclosure, destruction or accidental loss.
In this framework, VBOUT has put all efforts needed and guide its client toward the compliance with GDPR.
GDPR will undeniably benefit both the company and the user. Regulatory compliance will enable companies to prove that they are trustworthy, whereas the individual’s personal data will be further protected. It may seem like processors and controllers alike will bear the burden of complying with these rules, but fundamentally, GDPR functions as a guidebook on how to have a healthier, more transparent relationship with their customers!
At VBOUT, our team worked hard to implement all the requirements stipulated in the new regulations. We have the utmost respect for our all of users’ privacy, from our clients to their end users, and we are committed to keeping it that way!