What is the GDPR?

The General Data Protection Regulation (GDPR) is a recent European regulation replacing the current European Union (EU) Data Protection Directive. Its purpose is to ensure the security and protection of the personal data of people in the EU (residing or transitory). It is, essentially, a “Bill of Consumer Data Rights.”

Digipeak is is based UK, many of its customers are and will be. The GDPR regulates the “processing” of data, which includes the collection, storage, transfer or use, of personal data about EU individuals. Thus, where EU data is concerned, Digipeak will have to comply with GDPR as well. Rather than maintain two levels of data security, we have opted to elevate our security and processing standards to GDPR-mandated levels for everyone.

Will Digipeak be compliant with the GDPR by 25 May 2018?

Yes. Digipeak will be compliant on or before 25 May 2018, the date the GDPR comes into force in the EU. We have a deep commitment to the privacy and security of your data, as well as your ability to access it. Maintaining compliance to GDPR constitutes no significant change in our philosophy or business practices. .

How has Digipeak been preparing for the GDPR?

Because the spirit of the GDPR is in line with Digipeak’s philosophy and values, with an emphasis on customer data security and privacy, compliance with the GDPR has been more a matter of codifying our policies than a radical shift in our business model.

  • Terms and policies: Watch this space for a clear summary of how we are complying with GDPR. We will also draft contract addenda and amendments reflecting the post-GDPR paradigm, which we will make available to you.
  • Security and Privacy: Data privacy is of paramount importance to us. To that end, not only have we employed industry standard best practices, but we have also contracted a world class security firm to ensure Digipeak is fortified against breach. We are ensuring that our vendors can adhere to the highest customer opt-in standards.
  • Assurance of Rights: Our goal is to allow you, the customer, to exercise your rights under the GDPR, including transparent access to data, and protection from unauthorised use of said data. Our practices will ensure these rights.

 

Updated March 21st, 2018