What has Signable done about GDPR?
The GDPR (General Data Protection Regulation) is a regulation which came into force on the 25th May 2018. The regulation covers the use and control of peoples data who are based within the European Union.
We began investigating the impact of GDPR around May 2016. We care about our customer’s privacy and data and understand how much of a trusted position that our customers put us in.
Along with complying with GDPR, we are also in process of achieving ISO27001 certification, which isn’t, specifically, a requirement of GDPR, however, is an important step in data security.
Data controllers and processors
These are the two core roles that businesses subscribe to under the GDPR act. Where do Signable fit in these? How does it affect your data? We explain that in more detail here.
What changes have Signable made to be GDPR compliant?
Our main changes are internal, performing a full data audit to ensure that the data that we hold isn’t excessive and unnecessary. We have also updated the following policies to better reflect our role in protecting your data.
We have also created a Data Processing Amendment which can, if required, be signed.