The General Data Protection Regulation (GDPR) is one of, if not the most significant piece of privacy legislation passed by the European Union in the last twenty years. It was designed to replace the 1995 EU Data Protection Directive (European Directive 95/46/EC). Its aim is to strengthen the rights that EU individuals have over their data, by creating a consistent data protection law that is implemented across Europe.
Espressoweb will comply with the applicable GDPR regulations as a data controller when they come in to effect on 25th May 2018. By working concomitantly with our existing and future clients, we will explore any, and all opportunities within our services by offering to support our customers in meeting their GDPR commitments, wherever possible
We are dedicated to addressing EU data protection requirements which are applicable to ourselves as a data controller. These efforts have been critical in our ongoing preparations for the GDPR:
As a company, we have evaluated the following principles in preparation for the enforcement of GDPR and we suggest that our customers also look to do the following:
As a prevailing or forthcoming client of Espressoweb, now is the ideal time for you to commence your preparation for the GDPR as a data controller. You may want to consider these tips:
Get to know GDPR: Familiarise yourself with the provisions of the new regulations, particularly how it may contrast from your existing data protection liabilities, and consider the relationships you have with both your client base and aspirants. Also, note the deviation of local provisions which may be antiquated by the new regulations when they become EU law on May 25th, 2018. Do be aware that new desideratum may require new solutions that meet the stringent exigencies ahead.
Audit your data and processes for data capture: Create an updated and precise inventory of personal information that you control. Review your current controls and processes to ensure that they're sufficient, and build a plan to address any areas which may need improving. Here are some steps you can take today:
Stay informed: Stay abreast of updated regulatory guidance as it becomes available, and consider consulting a legal expert to obtain guidance which is applicable to you. We would recommend a regular review of the Information Commissioner's website, which is the UK representative within the EU working group: Article 29.
At Espressoweb, we strive to deliver an incredible customer experience from the beginning of your journey with us; earning the trust of thousands of companies throughout the UK. We will continue to make additional required operational changes resulting from the new legislation, and will keep our clients, partners, and regulatory authorities informed throughout this process. We have an internal cross-functional team who continue to monitor GDPR as it moves to become more clearly defined over the next few months, and who will continue to inform our strategy for GDPR.