On May 25th 2018 the new General Data Protection Regulation (GDPR) comes into force. In paralel with creating our GDPR training here at iHASCO we've taken the time to assess how the changes in regulation affect our business and ensure that we are 'GDPR compliant'. We've prepared this FAQ to help answer some of the most common GDPR questions we get asked.
Are iHASCO GDPR compliant?
Yes. We have taken the steps necessary to ensure that we are/were GDPR compliant prior to May 25th 2018. We have updated our internal systems and processes as necessary and have ensured that 3rd party processors are also GDPR compliant.
What has iHASCO done to comply with GDPR?
We've reviewed our data processing activities and made changes to our processes and application. If you require more specific information on the steps we have taken to ensure compliance please contact us at firstname.lastname@example.org.
Does iHASCO store data outside of the EU?
We process some data outside of the EU. However under GDPR we are permitted to transfer personal data outside of the EU if it is adequately protected. We have ensured that our third party processors outside of the EU (In this case in the US) are certified to the EU-U.S. and Swiss-U.S. Privacy Shield Framework.
What type of personally identifiable information does iHASCO process on a clients behalf?
In regards to your client account with us we process your Name, Email address and Organisation details (Name, Address, Telephone Number). In regards to clients employees who are undertaking training we process their Name and Email Address only. We do not request or store sensitive data pertaining to clients or clients employees.
Still have questions?
Edit: Updated on May 24th to note compliance with GDPR being effective.