The General Data Protection Regulation (GDPR) is a new European privacy regulation. The GDPR was introduced to strengthen the security and protection of personal data in the EU and standardizes EU data protection law. It applies to any organization operating in the EU or processing the personal data of EU residents.
OfficeMaps is committed to best practices around data security and privacy, including the protection of individuals' rights with respect to their personal data, and has undertaken steps to ensure OfficeMaps is compliant with the General Data Protection Regulation (GDPR).
What is OfficeMaps doing in response to GDPR?
We are committed to best practices around data security and privacy, including the protection of individuals' rights with respect to their personal data. We have taken significant steps to ensure OfficeMaps is compliant with the GDPR. We have made changes to our business and will continue to introduce product changes supporting data privacy and making it easier for our customers to comply with GDPR requirements themselves. These steps have included the following activities.
Research: We've reviewed the requirements imposed by GDPR and its related guidance to gain a clear understanding of our obligations, and have engaged experts to assist us with making the changes required as a result.
Review and Update Legal Documents: We've updated our legal documents as listed below and we've prepared a Data Processing Agreement to assist our users in complying with their own obligations under the GDPR.
Internal Data Audit: We've undertaken a review of all the data we collect, including the reasons why the collect that data and what we do with that data, and limiting access to the data by our personnel where appropriate.
Data Management Policy: We are implementing a Data Management Policy that provides our staff with comprehensive guidance around their handling of personal data.
Vendor Review: We've reviewed the GDPR-compliance status of our software vendors to ensure that they also comply with the requirements of GDPR and have listed them as sub-processors on our legal documentation where applicable.
Internal Process Review: As part of our continual process improvement, we will continue to review and improve process and practices relating to security and management of personal data.
The following legal documents have been amended to comply with the requirements of GDPR:
OfficeMaps already allows the personal information held for an individual to be easily identified and deleted if required.
Additional features will be added to bring GDPR specific functionality into a central location within the application to make it easier for our customers to meet their own GDPR compliance requirements.
Any questions relating to GDPR or personal data management more broadly can be addressed to email@example.com.