The General Data Protection Regulation (GDPR) (EU) is a new set of laws aimed at enhancing the protection of EU citizens’ personal data and increasing the onus on organizations to deal with that data in transparent and secure ways. The GDPR applies not only to EU-based businesses, but also to any business that controls or processes data of EU citizens. Many international data protection initiatives and regulations crossover in this regulation, so it is prudent to remember that whilst you may not be an EU based company, it will in some part affect your business.
GreenOrbit is hard at work ensuring that our own organisation and processes are GDPR-compliant. Equally important to us, is helping you to understand what the GDPR means for your business and build compliant processes of your own. A big piece of that is ensuring that GreenOrbit sets you up for GDPR compliance. Between now and May 25th 2018 (and beyond), we are committed to enhancing GreenOrbit to enable easier compliance with the GDPR. Let’s look at the main areas of GDPR and how GreenOrbit is placed to help you achieve compliance.
Organizations need to collect the consent of individuals to hold their data. GreenOrbit meets this need through the terms and conditions checkbox which records compliance of the individuals using the intranet. The terms and conditions would refer to your own internal business processes around the collection, storage and use of data.
GreenOrbit recommends setting up a security policy and GDPR group policy on the intranet that all employees should read and accept as having read and understood. This provides compliance for your business that all your employees understand their obligations under the new GDPR landscape.
Data Portability & Storage
GreenOrbit Cloud is hosted on AWS – ensuring data compliance and data portability for peace of mind. If the installation is on-premise we recommend that you undertake an audit of your internal systems to determine your company’s compliance.
GreenOrbit allows for the pseudo anonymization of data so that individuals cannot be identified when analysing sets of data.
Right to be Forgotten/Erasure
GreenOrbit allows for the permanent deletion of personal data, by request via our support team.
This legal information is not the same as legal advice. We insist that you consult a lawyer if you would like advice on your interpretation of this information or its accuracy. As such, you may not rely on this paper as legal advice, nor as a recommendation of any particular legal understanding.