On 25th May 2018, the European Union General Data Protection Regulation (GDPR) will come into full effect.
On 25th May 2018, the European Union General Data Protection Regulation (GDPR) will come into full effect.
As a responsible organisation, GWO is committed to achieving and maintaining the trust of its stakeholders. Integral to this mission is providing a robust security and privacy program that carefully considers data protection matters across our suite of services, including data submitted by Stakeholders to our services (“Customer Data”).
In support of this mission, GWO has today published details of the steps it has taken to meet the requirements of GDPR.
Broder Illing, Risk Manager at GWO explains: “GDPR demands a high standard from companies to ensure they consider personal data protection at every point in their business process. We are confident that our procedures and documentation meet those expectations. For example, they describe the architecture of, privacy-related certifications received for, and the administrative, technical, and physical controls applicable to, the services we provide, such as the WINDA database.
“We also seek to demonstrate how GWO has implemented procedures to ensure customer data is only processed as instructed by the customer, throughout the entire chain of our activities, and how our infrastructure undergoes regular vulnerability and application security assessments.”
For full details of GWO’s data security and privacy architecture with reference to GDPR, please view the relevant documentation, here.