The General Data Protection regulation (GDPR) came into force on the 25th of May 2018. Holly Social Limited believes that privacy is a very important right and wishes to assure all the company’s customers that we work hard on ensuring compliance in all areas of the company.
Within this statement we wanted to highlight the measures we have put in place to ensure compliance with GDPR where we hold or process personal data on your behalf.
To adhere to the GDPR requirement that a data controller must appoint the processor in the form of binding written agreement, with the personal data processed (including the activities of any sub- processors) only on documented instructions from the controller or the requirements of EU law or the national laws of Member States, we will be reviewing with our customers all our agreements to ensure compliance. This will ensure that relevant wordings are in place to cover aspects such as cover the duration, nature and purpose of the processing, the types of data processed and the obligations and rights of the controller. It will also, where applicable, cover cross border transfers and the use of any sub processors.
Holly Social Limited continually seeks to ensure the confidentiality, integrity and availability of the personal data we store or process. We maintain appropriate technical and organisational security measures to protect personal data against accidental or unlawful destruction or loss, alteration, unauthorised disclosure or access.
In demonstration of this, we have processes compliant with the following standards:
Under the GDPR, we must notify any data breach to the ICO within 72 hours of discovering the breach. Holly Social Limited therefore has processes and procedures in place for identifying, reviewing and promptly reporting data breaches to the ICO.
We would provide the controller with:
We would stress again that we have comprehensive technical and organisational security measures in place to mitigate against a data breach.
Authorised users may view our procedures for identifying, preventing and reporting data breaches.
Under the GDPR there are significant enhancements to the rights that individuals enjoy with regards their personal data. Holly Social Limited can work with customers for whom we hold or process personal data in order to determine how best to facilitate: