On May 25th 2018 the new General Data Protection Regulation (GDPR) comes into force. In paralel with creating our GDPR training here at iHasco we've taken the time to assess how the changes in regulation affect our business and ensure that we are 'GDPR compliant'. We've prepared this FAQ to help answer some of the most common GDPR questions we get asked.
Are iHasco GDPR compliant?
We will be. We are taking the steps necessary to ensure that we are GDPR compliant prior to May 25th 2018. We have updated our internal systems and processes as necessary and have ensured that 3rd party suppliers are also GDPR compliant or working towards GDPR compliance. As and when all of our suppliers have achieved GDPR compliance we will update this FAQ accordingly.
What has iHasco done to comply with GDPR?
We've reviewed our data processing activities and made changes to our processes and application in advance of the GDPR effective date to ensure that we will be compliant. If you require more specific information on the steps we have taken to ensure compliance please contact us at email@example.com.
Does iHasco store data outside of the EU?
We process some data outside of the EU. However under GDPR we are permitted to transfer personal data outside of the EU if it is adequately protected. We have ensured that our suppliers outside of the EU (In this case in the US) are certified to the EU-U.S. and Swiss-U.S. Privacy Shield Framework.
What type of personally identifiable information does iHasco process on a clients behalf?
In regards to your client account with us we process your Name, Email address and Organisation details (Name, Address, Telephone Number). In regards to clients employees who are undertaking training we process their Name and Email Address only. We do not request or store sensitive data pertaining to clients or clients employees.