The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU).
The Guide to the GDPR explains the provisions of the GDPR to help organizations comply with its requirements. It is for those who have day-to-day responsibility for data protection. More information can be found here.
GDPR applies to every company in the world that processes personal data about people in the EU. As a GoAudits customer, the data pertaining to your users, as well as any personal data that you collect while conducting inspections or reporting incidents, is likely to be subject to GDPR.
GoAudits LLC. does not control the content that you collect or whether it is personal in nature. As the Data Controller, you are responsible for ensuring that the data you collect while doing inspections or reporting incidents complies with the GDPR principles.
GoAudits has implemented the following:
We have updated our data breach procedures to bring them in line with GDPR.
We have started our internal education program to deliver GDPR-focused training across key areas of the business so that our employees are aware of what GDPR requires and how it impacts their day-to-day roles.
We have engaged with our product development teams to consider and make necessary changes/improvements to our product and practices.
We have conducted a comprehensive data-mapping exercise that tracks personal data flows throughout our systems and services.
We have refined procedures to deal with some key data subject rights, like subject access requests and the right to request deletion.