We are ready, are you?
On the 25th of May 2018, the EU’s General Data Protection Regulation took effect. Read on to find out what GDPR is, what businesses like yours need to do to be compliant, and how 5CA has prepared for this new legislation.
What is GDPR?
The General Data Protection Regulation deals with the processing of ‘personal data’ which is basically any personal information that by itself can identify a person, such as an ID or social security number but also data that in conjunction can identify a person, like for example having a customer’s address plus their date of birth. Thus, businesses processing any information from their customers who are located in the EU, such as name and last name, phone numbers, date of birth, copies of their IDs, addresses, and many more, are impacted by the GDPR. Read more
What do I need to do?
In order to become GDPR compliant, any business processing or otherwise handling data belonging to European Union citizens needs to live up to the new standards set by the EU related to the gathering, storage, retrieval, rectification, anonymization, and removal of personal data. This means mapping out which data your business handles and implementing measures to safeguard that data as well as defining processes and responsibilities for handling customer requests around their personal data. Read more
1. GDPR Culture
We’re creating a GDPR company culture throughout all layers of our organization. By appointing a GDPR team and continuously communicating the steps that are being taken we make sure that everyone at 5CA is aware of the importance of being GDPR compliant and understands how GDPR impacts the way they work.
We have trained all employees to ensure proper handling of customer data and customer requests:
- Specialized training for agents detailing how to handle customer data and customer requests
- Training focused on educating staff and management on how they can ensure that their teams are GDPR compliant
- Exams to test whether all employees understand their training
- Tailored GDPR compliance examples and real-life cases
3. Data Processing Agreements
To make sure 5CA and its clients work together on ensuring that our customers’ data is protected, we are creating Data Processing Agreements detailing all the obligations of 5CA and its clients and all the relevant provisions regarding data protection.
4. IT and Processes
Our IT infrastructure and tools are ready for the implementation of GDPR. These are the steps we have taken to ensure compliance:
- Implemented extensive IT measures to comply with our obligations as Data Processors.
- Mapped out all the information we hold and process per client, describing workflows, identifying programs.
- Created new procedures and assigned responsibilities to deal with data subject requests such as access, deletion, rectification and data portability requests.
- Set out procedures and assigned responsibilities to deal with any possible data breach.
Questions about GDPR?
Fill out the form below to get in touch with our Data Protection Officer.