As a relatively new initiative, Merseyside Digital only began it’s GDPR preparation just over 2 months ago, but we are committed to achieving compliance with the General Data Protection Regulation on or before May 25, 2018. reviewing all processes, procedures, data systems, and documentation to ensure that we will be ready when the GDPR goes into effect.
Much of this preparation is happening behind the scenes:
- Updates to Data Privacy and Cookie Policies to meet the requirements of the GDPR in order to permit Merseyside Digital to lawfully receive and control data;
- Review third-party vendor contracts to meet the requirements of the GDPR in order to ensure that those third parties lawfully receive and process that data;
- Analysis of features, forms and templates to decide whether any improvements or additions can be made to ensure compliance with the GDPR
We understand the importance of committing resources and time to GDPR preparation and know that although it requires a good deal of work, the changes can only be of benefit to our partners, clients and future business growth.
We are following a GDPR preparation roadmap based on the ICO’s 12 step approach which can be found here. Merseyside Digital does not process any children’s data nor is it required to appoint a “certified” full-time data protection office (DPO) so we have the following steps in place
- Compliance Management
- Data Review/Mapping
- Subject Access
- Data Breaches
If you would like any further information about how we may be able to help, please do not hesitate to get in touch here