Tex Plastics Ready for GDPR
Tex Plastics are ready with their data policies and new legal obligations with GDPR.
General Data Protection Regulation (or GDPR) is coming and is here to stay
The GDPR reforms are designed to reflect the digital world we’re living in today. It clarifies the laws and obligations around personal data, privacy and consent. The UK government has recognised that it will still be part of the EU when the General Data Protection Regulation comes into effect on May 25, 2018. The UK has stated that it will comply with the GDPR, and that its compliance will not be affected by Brexit.
The impact of the GDPR on our business
The GDPR is the EU’s way of giving individuals, prospects, customers, contractors and employees more power over their data and less power to the organisations that collect and use such data for monetary gain. As a business who deals with other businesses, Tex Plastics do not process lots of personal data. However, as every business we deal with has people we communicate with – the GDPR means we need to have in place a map and flow chart of the data on these individuals. This means any data on prospects, customers, lapsed customers, suppliers, employees, etc. Then a process for managing how we store it, how long for, who has access to it and what happens when somebody executes their rights within the act.
Under the GDPR, individuals have the following rights
- The right to access – this means that individuals have the right to request access to their personal data and to ask how their data is used by the company after it has been gathered. The company must provide a copy of the personal data, free of charge and in electronic format if requested.
- The right to be forgotten – if consumers are no longer customers, or if they withdraw their consent from a company to use their personal data, then they have the right to have their data deleted.
- The right to data portability – Individuals have a right to transfer their data from one service provider to another. And it must happen in a commonly used and machine readable format.
- The right to be informed – this covers any gathering of data by companies, and individuals must be informed before data is gathered. Consumers have to opt in for their data to be gathered, and consent must be freely given rather than implied.
- The right to have information corrected – this ensures that individuals can have their data updated if it is out of date or incomplete or incorrect.
- The right to restrict processing – Individuals can request that their data is not used for processing. Their record can remain in place, but not be used.
- The right to object – this includes the right of individuals to stop the processing of their data for direct marketing. There are no exemptions to this rule, and any processing must stop as soon as the request is received. In addition, this right must be made clear to individuals at the very start of any communication.
- The right to be notified – If there has been a data breach which compromises an individual’s personal data, the individual has a right to be informed within 72 hours of first having become aware of the breach.
Tex Plastics has put security measures and processes in place
Tex Plastics are committed to the GDPR and take the data we hold on individuals very seriously. We’ve developed and implemented safeguards throughout our infrastructure to help contain any data breaches. This means putting security measures in place to guard against data breaches, and taking quick action to notify individuals and authorities in the event a breach does occur.