The General Data Protection Regulation, or GDPR, is European wide law that came into force on 25th May 2018 alongside the Irish Data Protection Act 2018. The Data Protection Laws referred to in this case include the EU GDPR and the Data Protection Acts 1988-2018. Whilst many of the new legislation’s main concepts and principles are aligned with the current Data Protection Act, there are new elements and significant enhancements to strengthen the data protection for individuals and also unify this across the European Union.
What BM Glass Coatings have done to prepare
As an organisation handling personal data, we have always taken handling and protecting that data extremely seriously. We feel the improvements required are less for us than they would be for those in other industries. We have reviewed and are following the Data Protection Commissioner’s office guidelines for implementing GDPR. The activity to date has been as follows:
- Conducted a GDPR gap analysis and addressed the findings
- Reviewed all data flows and data mapping to ensure that we meet GDPR requirements.
- Trained our staff to meet the requirement on data security awareness.
- Ensured that our data retention periods are suitable for the records being held.
- Reviewed our subject access request procedures to ensure that they meet the new timing requirements specified in GDPR.
- Updated our policies and procedures to meet our GDPR obligations.
We have been conducting due diligence on our 3rd party suppliers regarding GDPR and are monitoring their statements regarding progress towards compliance. We are using an ISO27001 certified data security company to assess our proprietary platforms and help with our GDPR compliance.
BM Glass Coatings is fully committed to implementing and maintaining full GDPR compliance. We will continue to maintain high standards in data privacy and protection and will strive to meet our obligations under the existing data protection act.