GIFTS & SOUVENIRS GENERAL DATA PROTECTION REGULATION (GDPR) STATEMENT
Gifts & Souvenirs takes your privacy very seriously and we give you our commitment that we will aim to keep your personal data safe and secure.
Part of this commitment is to ensure that we are ready for the transition from current Data Protection Regulations to the new EU General Data Protection Regulations which come into effect on the 25th May 2018.
1. WHAT IS GDPR?
The GDPR is the culmination of 4 years work by the EU to bring data protection legislation into the 'modern' age by focusing on the different and sometimes innovative ways data is stored and used. It supersedes the Data Protection Act of 1998 and aims to give consumers more say over how their data is used. This directive also streamlines legislation throughout the EU.
2. YOUR RIGHTS AS AN INDIVIDUAL.
From the 25th May 2018 you will have revised rights under the new EU General Data Protection Regulation. These are:-
- The right to be informed
- The right of access
- The right to rectification
- The right to erase
- The right to restrict processing
- The right to data portability
- The right to object.
The right not to be subject to automated decision making including profiling
Further information on the above is available from the Information Commissioner's Office website.
3. WHAT ARE WE DOING TO ENSURE WE ARE READY FOR THE CHANGES?
As the data controller we understand our obligations under the new legislation together with their importance to you. We are well underway with our GDPR requirements and have a team available to answer any questions you may have regarding this.
To ensure we are ready for the transition some of the things we have been working on are:
- Understanding and reviewing the data we hold - We have reviewed the data we hold and the reasons why we are storing it to ensure we are fully compliant with the regulations.
- Reviewing how the data is used - We only collect data that we need. This is one of the key roles as a data controller. We have reviewed our data capture processes to ensure that we meet this GDPR requirement.
- Reviewing our internal data security - We have reviewed how we hold your data, adding additional security and processes to ensure we are fully compliant with the regulations.
- Updating our systems - We have reviewed how you control how we communicate with you. We are providing an interface where you can select and de-select the forms of communication we send you.
If you have any questions regarding the GDPR and what it means to you please feel free to contact us at email@example.com