The EU General Protection Regulation (GDPR) is a significant piece of EU legislation which is coming into force on the 25th May 2018. The legislation strengthens the rights that EU individuals have over their personal data, creating a single data protection approach across Europe.
How will Ablrate comply with the GDPR?
Our GDPR preparation started with the implementation of our notifications section where you are able to control the information you receive from us. You are able to choose individual emails to turn off (and back on should you so wish) giving you complete control over how we communicate with you.
We have engaged a compliance consultancy company, Thistle, to provide a full audit of our business and procedures with regards to data privacy and control. As part of this process, we are reviewing (and updating where necessary) all our internal processes, procedures, data systems and documentation to ensure that we are fully compliant with GDPR.
Our GDPR Principles are:
Data is processed fairly and lawfully
Data is processed only for specified and lawful purposes
Processed data is adequate, relevant and not excessive
Processed data is accurate and, where necessary, kept up to date
Data is not kept longer than necessary
Data is processed in accordance with an individual’s consent and rights
Data is kept secure
Data is not transferred to countries outside of the European Economic Area (‘EEA’) without adequate protection
Ablrate also processes personal data to comply with the eight principles of the UK Data Protection Act 1998.