ASAMS privacy statement is now live on our re-designed website. These are all part of ASAMS commitment to ours and our clients data security.
Our privacy statement can be found here.
What’s GDPR?
The EU General Data Protection Regulation (“GDPR”) is a comprehensive data protection law that came into effect on May 25, 2018. It replaced existing EU Data Protection law to strengthen the protection of “personal data” and the rights of the individual. It's a single set of rules which governs the processing and monitoring of EU data.
How has ASAMS prepared for GDPR?
We have thoroughly analysed our responsibilities to meet the GDPR requirements and have put in place a dedicated internal contact to drive us to meet them. Our ongoing initiatives are built upon –
- Appointing our DP (Data Processing) officer as project manager, as we are already on the current ICO register we are in good shape and understand what is required to be compliant
- Identifying where data is captured and how it is stored, then working on what upgrades are required to be compliant
- Logging how we process all information and highlighting data that is affected by this legislation
- Improving data breach procedures to identity theft or a confidentiality breach.
- Planning a re-education program for all staff and suppliers as required
When processing data we undertake checks and ensure the following:
- The processing is lawful, fair and transparent
- Transparent about what the data is being used for
- Data is collected for a specific purpose
- The data is necessary for the purpose
- The data must be accurate and kept up to date
- Data is not kept for longer than necessary
- The data is kept safe and secure
We are constantly improving the technical and organisational security measures we have in place to protect your data and ensure we are fully compliant with GDPR. The work we are doing will also assist with your own compliance obligations regarding any of your data held by ASAMS. If you have any questions please contact us.