Welcome to Shifttocloud (Sigsync) GDPR information centre
This offers some insights and practical steps for organizations as they prepare for compliance with the General Data Protection Regulation (GDPR), by May 25, 2018.
Every organizations process to GDPR compliance is different. It all depends on factors like size of the company, type of data it processes, size of the data it process, and its current privacy and security measures.
All companies which processes personal data of EU individuals comes under the scope of GDPR. For more details on the GDPR visit: https://www.eugdpr.org/
Getting ready for the GDPR
Organizations established in the EU and handling personal data of EU-based individuals will, in almost all cases, be required to comply with the GDPR by May 25, 2018. The GDPR updates and harmonises the framework for processing personal data in the European Union, and brings with it new obligations for organizations and new rights for individuals. Many organizations, large and small, are now preparing for the new regulation.
What is the GDPR?
The GDPR is a European Union regulation that establishes a new framework for handling and protecting the personal data of EU-based residents. It comes into effect on May 25, 2018.
Personal data plays a huge part in society and the economy. It is essential that people have—and know they have—control and clarity over how their data is used and protected by any organization they interact with, and that organizations are given clear guidelines to protect their personal data.
One of the aims of the GDPR is to harmonise and bring data privacy laws across Europe up to speed with the rapid technological change in the past two decades. It builds upon the current legal framework in the European Union, including the EU Data Protection Directive in existence since 1995.
GDPR: The basics
Sigsync will meet the requirements of the GDPR by May 25, 2018. However, you should also be working to assess your readiness for the GDPR well in advance of that date.
How will Sigsync comply with the GDPR?
- Trust is the foundation of our relationship with our customers and businesses around the world. We value the confidence you've put in us and take the responsibility of protecting your data seriously.
- Sigsync Privacy teams have carefully analyzed the GDPR and are undertaking the necessary steps to ensure that we comply and ensure we meet the requirements of the GDPR by 25 May 2018
- All necessary technical measures are taken to ensure personal data is protected
What are your obligations under the GDPR?
- It is important to remember that you, as the business customer and the data controller, have specific legal obligations under the GDPR.
- You should be confident that any providers which you work with have a highly robust approach to data protection, understand the obligations of the GDPR, and are well prepared to meet them.
GDPR: Important terms
Privacy of Personal data: This means that organizations handling personal data need to think about data protection when designing systems.
Data protection officer: The GDPR requires companies that engage in processing of EU user data to determine if they should appoint a Data Protection Officer.
User rights: Companies should ensure they have effective systems and process in place to give effect to these rights. The GDPR expands the existing set of user rights and creates several entirely new rights.
Accountability: Your Company must adhere to the principles set out in the GDPR, but you must also demonstrate that compliance in line with the principle of accountability.
Email consent: Companies should not email someone who has not actively consented, and also should provide a clear way for someone to unsubscribe if they have consented. Including an unsubscribe link will easily allow the email recipient to opt-out of any communication from your company.