Vexis Global GDPR readiness
The European Union has taken a monumental step in protecting the fundamental right to privacy for every EU resident with the General Data Protection Regulation (GDPR) which will be effective from May 25, 2018. Simply put, EU residents will now have greater say over what, how, why, where, and when their personal data is used, processed, or disposed. This rule clarifies how the EU personal data laws apply even beyond the borders of the EU. Any organisation that works with EU residents’ personal data in any manner, irrespective of location, has obligations to protect the data. Vexis is well aware of its role in providing the right tools and processes to support its users and customers meet their GDPR mandates.
Vexis Global’s Commitment
At Vexis, we have always honoured our users’ right to data privacy and protection. We have never relied on regular advertising to our clients as a revenue stream. Contacting clients to let them know of special offers on services they are interested in is done a couple of times a year. This means that we have no necessity to collect and process users’ personal information beyond what is required for the functioning of our products and services.
How is Vexis preparing for GDPR?
Vexis is gearing up to be GDPR compliant by the time the regulation comes into effect. Vexis understands its obligation to help customers get ready for the big day. Some of our ongoing initiatives are:
- Identifying personal data – Defining the purview of personal data for each of our services and documenting the various sources of data will go a long way in providing a roadmap for compliance in the days leading up to implementation.
- Providing visibility and transparency – The most important aspect of GDPR is how the collected data is used. Vexis’ key role is to provide our customers with the access to effectively manage and protect their user data.
- Enhancing data integrity and security – Data privacy and data security are two sides of the same coin. As our customers tighten their data security measures, Vexis would like to extend a helping hand. We’re streamlining the processes by implementing IT policies and procedures that provide end-to-end security.
What have we done to get ready?
- Created a data privacy team to oversee GDPR activities and raise awareness
- Reviewed current security and privacy processes in place & where applicable, revised our contracts with third parties & customers to meet the requirements of the GDPR
- Identified the Personally Identifiable Information (PII)/Personal data that is being collected
- Analyzed how this information is being processed, stored, retained and deleted
- Established procedures to respond to data subjects when they exercise their rights
- Established & conducted Privacy Impact Assessment (PIA)
- Created processes for data breach notification activities
- Ensured employee GDPR awareness