The General Data Protection Regulation (GDPR) came into law as of May 25th 2018, requiring all organisations that handle EU residents' data to abide by its strict terms.
We know that this is a big concern for many individuals and companies.
We would like to offer complete clarity to our customers about what we have done internally to address the new GDPR legislation, and how we ensure our own compliance.
Below are some resources from ourselves and SugarCRM to download.
How we at Enable Technologies have addressed our own internal procedures, in order to become compliant.
David Bushnell, Enable Technologies Founder and Director, issued a statement regarding GDPR.
"There’s no better time than right now to perform a ‘privacy health check’ and ensure that your practices around the use of databases and your business processes will be compliant."
SugarCRM's document addressing GDPR, what it means, and advice on how to manage your compliance.
A video showing how you can manage your compliance within your SugarCRM system.
A showcase of the module created by Enable Technologies that allows users to easily manage their GDPR Compliance.
The General Data Protection Regulation (GDPR) became enforceable as of May 25th, 2018. This regulation imposes rules on companies, government agencies, non-profits and other organisations that offer goods and services to people in the European Union (EU). It also applies to organisations that collect and analyse data tied to EU residents and applies no matter where companies are located, therefore the looming threat of Brexit will not affect most British organisations, as they will still have to comply with the new regulations.
The legislation itself imposes requirements on organisations and how they collect, store and use personal information. For a Data Controller, any organisation dealing with EU individuals must process personal data in compliance with GDPR. They must also ensure that any third-party Data Processors have implemented the technical and organisational requirements of GDPR. Organisations who do not comply with the new regulations will be subject to significantly higher fines that in previous years; up to 4% of annual global turnover or up to 20million Euros.
How does GDPR apply to Enable Technologies?
- As a Data Controller, where Enable Technologies handles any data on its own behalf (e.g. for marketing activities)
- As a Data Processor, where Enable Technologies handles any data on behalf of its customers (e.g. for our Hosting Services)
- As a CRM provider, where Enable Technologies provides software to our customers which also allows them to be compliant with GDPR
At Enable Technologies, the trust of our customers is paramount to our mission, and this trust drives our continuous investment and approach to Data Protection. We are committed to take an active approach to GDPR compliance. To this end, we have created an internal working group to review, assess and ensure continued compliance to GDPR. We have appointed an internal Data Protection Officer (DPO) to ensure that we comply fully with regulations. We have also identified internal GDPR champions in all relevant groups to ensure that Data Protection and Privacy continues to be a vital part of all of our activities and considerations.
We also recognise that many of our customers will be facing challenges in their efforts to comply with GDPR. Enable Technologies is committed to helping our customers by offering products and services that allow them to meet GDPR requirements and develop more effective and valuable business relationships with their own customers.
Data Controller – “means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be processed”
Data Processor – “in relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller”