The European Union (EU) has issued a new regulation, the General Data Protection Regulation (GDPR), which went into effect on May 25, 2018. This regulation signifies the largest change in data privacy regulation history in over 20 years, and is comprised of a new set of laws that aim to provide increased protection of EU citizens' personal data. The GDPR applies to all organizations (including GoData) that handle, control, or process the data of EU citizens, regardless of where in the world those organizations are based.
Key changes to prior data protection regulations include increased territorial scope and applicability, changes to breach notification and penalties, and increased conditions for consent. Under the GDPR, EU citizens possess rights related to the following: data breach, right to access data, right to be forgotten, data portability, privacy by design, and more.
GDPR compliance encompasses two distinct roles: data controllers and data processors. As defined by GDPR guidelines, a data controller is a person, public authority, agency, or other body which determines the purposes and means of processing personal data. You (the client) are a data controller. A data processor, on the other hand, is an entity (person, public authority, agency, or other body) which processes personal data on behalf of the data controller under the controller's instructions. GoData is a data processor. Data controllers should use data processors that can effectively demonstrate their compliance with the GDPR. You can learn more about the new GDPR regulations here and here.
GoData takes data protection and security seriously for all of our clients, and we're committed to becoming compliant with GDPR regulations. Our team has been working for months to ensure that we address the GDPR from a product, legal, and process standpoint.
Data protection has always been a top priority for GoData, and we strive to communicate information with transparency. We've created the roadmap below to help you better understand the steps we've already taken to maximize data protection, along with the actions we're currently taking as an organization to become GDPR compliant. If you are a GoData client and you have any questions or concerns about the information on this page, please reach out to our client support team and we'll be happy to assist.
Please note: The information on this page is provided for informational purposes only and does not constitute legal analysis and/or advice. Please consult with legal counsel to understand all legal implications of the GDPR and how they relate to your business practices.
We have been working to adhere to the following GDPR roadmap
GoData has been registered with the ICO since our formation - you can find our details on the ICO website - Registration number: ZA754764
Should a data-breach occur then GoData will comply fully with our obligations to inform the ICO and the relevant client and will fully cooperate with any investigation