GDPR Compliance

Protecting the personal information of our customers, employees and partners is important to us. We commit ourselves to the GDPR / AVG and have adapted our working methods and procedures accordingly.

What we do to comply with the GDPR / AVG:

  • Privacy review

Privacy Impact Assessments ( PIAs ) are part of our company policy and analyze systems, service providers, products, services and technologies that deal with personal information.

  • Processes

Our internal processes have been updated and are periodically checked to ( continue to meet ) the GDPR / AVG requirements.

  • Privacy clauses

We identify and involve our external controllers and processors. Our company provides privacy clauses in every new agreement and processor agreements are concluded.

  • Data Privacy Officer

A Data Privacy Officer has been appointed and will operate at European level. We also have a team of Privacy Specialists.

  • Data breach

We have a robust “ incident response ” plan that is part of our company policy. This plan is “ GDPR compliant ” and is subject to regular review to ensure that our processes are effective in the management and security of our data and that of our customers and partners.

  • Staff

Personnel are periodically trained in the application of the GDPR / GDPR and the handling of personal data. A GDPR working group monitors the provision of information and enforcement of the GDPR within the various business units.

  • Data security

We have a high IT security level and our IT teams continue to evaluate and document this level.

  • Right to object

We have a process for implementing the right to object and registering and deregistering marketing communications.

  • Data inventory

We have performed a personal data inventory process that will be updated annually.

  • Privacy statement

Our Privacy Statement sets out how to handle personal data that is (possibly) collected via, for example, our websites and Apps. A link to this statement can be found at the bottom of this page.

  • Privacy by Design and Privacy by Default

We want to help our customers and partners meet the GDPR / AVG requirements.

We understand that our customers, as end users of our products, bear primary responsibility for the collection, processing and management of personal data. That is why we apply the principles ‘ Privacy by Design ’ and ‘ Privacy by Default ’ in our product and service development. Privacy by Design means that we include data protection in our systems and product design from the design phase. As part of the product review, we involve data privacy experts in the design process to make compliance with the GDPR / AVG easier for our customers and their end users.

Privacy by Default means that we offer pre-set products with robust privacy settings that allow customers to configure the options themselves.