NEWS
What Have Ruby Datum Done About GDPR?
Posted in News on May 29th 2018
What Have Ruby Datum Done About GDPR?
Posted in News on May 29th 2018
Ruby Datum have always had a secure, sensitive and fair approach to handling data given the nature of the service provide. In accordance with the General Data Protection Regulation (“GDPR”) (EU) 2016/679 we have taken a number of steps to ensure we are fully compliant. These are as follows:
- Reviewed all stored documents on our systems, consolidated to one central structure and removed hundreds of documents that were not essential to the present or future operations of the company.
- Updated all legal documentation including default platform terms, licence agreements, website usage terms and beyond with relevant data processing information, including a list of sub-processors.
- Been in touch with all sub-processors to ensure we review their demonstration of GDPR compliance, ensuring they comply with applicable laws and our own strict security standards around data.
- Documented all data we hold on individuals, source of data and who it is shared with.
- Reviewed all procedures to ensure we only collect relevant data and inform the user of the purpose it is being used.
- Wiped our electronic marketing database as we prefer not to use this method anyway.
- Assigned a Data Protection Officer (Nicholas Watson).
- Double checked our development & hosting security procedures to ensure they were of a high standard (which they were).
- Implemented a procedure to comply with subject access requests.
- Created and scheduled to maintain a current data map of all areas we hold data on individuals within the business.
- Implemented Data Breach procedures in alignment with GDPR legislation (we’ve actually gone beyond what we’d consider the minimum requirements for this).
- Reviewed all device procedures such as phones, laptops & beyond to ensure they are fully encrypted and all staff & contractors of Ruby Datum are in full compliance with such procedures.
- Put reminders in place to review GDPR policies & procedures every 3 months, including staff education.
We hope this satisfies what clients and users expect of us. We are always looking for ways to improve, so please let us know if you have suggestions.
Ruby Datum combines “blue-chip” professionalism with approachability and responsiveness. The service was intuitive and met all our requirements. We were able to set up everything quickly and easily.
Elias Schulze
Net Zero Company