The EU General Data Protection Regulation (GDPR) comes into force across the European Union on 25th May 2018 and brings with it the most significant changes to data protection law in two decades. The new Regulation aims to standardise data protection laws and processing across the EU; affording individuals stronger, more consistent rights to access and control their personal information.
Office Evolution Ltd are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognise our obligations in updating and expanding this program to meet the demands of the GDPR and the Data Protection Act 2008
Office Evolution Ltd are dedicated to safeguarding the personal information under the new Regulations. Our preparation and objectives for GDPR compliance have been summarised in this statement and include the development and implementation of new data protection policies, procedures, controls and measures to ensure maximum and ongoing compliance.
Preparation - carrying out an information audit to identify and assess what personal information we hold, where it comes from, how and why it is processed and if and to whom it is disclosed.
Subject Access Request (SAR) - Any sharing of data will be subject to a SAR, we will take all steps to ensure that these requests are actioned promptly and in compliance with the act. If you require any data from Office Evolution please contact us on 01225 690000 for a SAR form.
Right to Be Forgotten - Previous customers or staff members can contact Office Evolution Ltd to clarify what information is held and used in relation to them personally or as a company. Under the regulations there is a right to be forgotten and we will fully comply with the act where data deletion is requested.
Information Security and Protection - Office Evolution Ltd takes the privacy and security of individuals and their personal information very seriously and take every reasonable measure and precaution to protect and secure the personal data that we process. We have information security policies and procedures in place to protect personal information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures, including: SSL Certificates, access controls, password policy, disk encryption and access restrictions.
Outside Agencies - Where a third party provider is used to process personal information, we ensure that they have policies and procedures in place to comply with the regulations. We will also ensure that any external agencies comply fully with our own GDPR guidelines.
Ineo Secure - To assist our customers with GDPR compliance we are offering a certified scheme for most Develop MFPs. This offers an enhanced level of security and data handling through our machines and provides certified proof of the work carried out. If you would like further information please contact the office.
If you require any further information relating to GDPR please contact Matthew Goodall on the number shown above.