At iProAT we have been working through our solutions to be GDPR Compliant. This is to elaborate on the Data Privacy and Security requirements that we have set in place to ensure that we create a haven for our Customers.
Data collection, Storage Limitation &Data processing
When we mapped the personal data with the channels of data collection, we ensured that safeguards were in place so that the collected data was only processed for the reason for which it was collected. We also removed any personal data that was not important to business and established how long this information was stored.
Data Protection Impact Assessments (DPIA) have been carried out to help define, analyse and reduce or eliminate privacy risks in data processing operations.
We established our own internal mechanism on how we respond to and address requests concerning individual rights from data subjects. These rights include the right to records, the right to rectification, the right to access, the right to erasure, the right to limit processing, the right to data portability, the right to object or the right not to be subject to, including profiling, automatic decision-making.
Confidential and secure
To ensure confidentiality, honesty, and availability of information, we ensure that adequate security measures are in place. To ensure that all personal data is safe, we also use pseudonymisation through encryption and hashing. To protect personal data against accidental or unlawful damage, loss, modification, unauthorized disclosure, or access to personal data, we take necessary technical and organizational steps.
GDPR Compliance is an ongoing process and we will ensure that we periodically review our processes to ensure that we do not violate any GDPR obligations and monitor more regulatory changes closely.