When it comes to compliance we do exactly as we’re told.
For your reassurance, here’s how we’re complying with the ICO’s GDPR guidelines.
• Awareness – we’ve informed everyone within our business about the changes GDPR brings and what it means to us and our customers.
• Information we hold – we’ve carried out a comprehensive information audit of our data estate and rigorously documented the personal data we control and process.
• Individuals’ rights – procedures are already in place to cover individuals’ rights and are being updated in line with the new regulation. This includes how we delete or provide personal data electronically to you if requested (in a commonly used format) as laid out by the ICO.
• Subject access requests – procedures to handle requests for personal data are being revamped to operate effectively under the GDPR.
• Consent – we’ve reviewed our consent management processes in line with GDPR requirements.
• Children – We do not collect any personal data regarding children, we have systems in place to swiftly and accurately address said data
• Data breaches – rigorous procedures are in place to detect, investigate and if necessary report possible data breaches.
• Data Protection by Design and Data Protection Impact Assessments – our Compliance team routinely perform Data Privacy Impact Assessments on both business activities and product functions.
• Data Protection Officers – we have a registered Data Protection Officer, who heads our Compliance team and is responsible for our data protection compliance.
To find out more about how we comply with GDPR please contact our