The General Data Protection Regulation is set to be introduced by the EU on the 25th May 2018. It's an important step forward in extending the privacy rights granted to EU individuals, and places many new obligations on organisations that process EU personal data, regardless of which country they are in. For details on this new law, we encourage you to visit the ICO website and the GDPR portal.
Foster is committed to complying GDPR and it's principals therein.
Foster would like to assure our staff, partners, customers and stakeholders that we are committed to GDPR compliance and are already taking steps to become compliant.
We have analysed the requirements of GDPR and are enhancing our processes, controls and documentation where needed, to ensure compliance. We have embedded the principle of 'privacy first' into our working culture, understanding that all our users are data subjects, and that protecting their data is paramount. Strong encryption and fine grain access control are key techniques that assure our customers that their data, specifically user data, is secure.
We are well underway with further enhancements including consent management user journeys for authentication and data portability for subject requests. In the coming months we will release further information on how we are aligning our business to GDPR.
Data breach notification
In the event of a data breach by us as the controller, or by any business who acts as our processor, this will be registered on our internal breach register. In this unlikely event, and if the breach is likely to “result in a risk for the rights and freedoms of individuals”, we shall report it to our Supervisory Authority within 72 hours of becoming aware.
Our data processors have been informed of our stringent breach procedure and will also be required to notify customers, and us as the controllers, without undue delay after first becoming aware of a data breach.
For more information on this matter, please visit the ICO website or to read Article 33, click here.
Contact our GDPR team
Please contact us at firstname.lastname@example.org if you have any questions on the subject or would like to submit a complaint in relation to a GDPR matter.