Studio Verdi22 GDPR Information Center
On May 25th, 2018 the EU General Data Protection Regulation (GDPR) entered into force in the European Union. To answer any GDPR-related inquiries, we have created CodeTwo GDPR Information Center – a place where you can find all information about CodeTwo and the GDPR.
Privacy and security of your personal data
In CodeTwo, we care deeply about the privacy and security of your personal data. While processing personal data, we are always bound by these principles:
- we do not collect more information than it is necessary;
- we do not keep your data if it is no longer needed;
We are also committed to providing our clients with solutions that make it easier for them to comply with GDPR.
How has Studio Verdi22 ensured GDPR compliance?
Studio Verdi22 has engaged external advisors to make sure that its operations and processes meet the requirements of the GDPR. Studio Verdi22 has undertaken the following actions to comply with the GDPR:
1. Defining the context of organization
Studio Verdi22 has carefully analyzed the context in which it operates and identified relevant entities and their roles within personal data lifecycle;
2. Internal controls
Studio Verdi22 has implemented processes and controls to make sure that no vital decisions regarding personal data processing and information security system can be made without a prior analysis and necessary internal approvals;
3. Internal procedures
Studio Verdi22 has defined an extensive set of procedures describing the personal data processing and information security system, including procedures governing exercising data subjects rights;
4. Data Security Officer and Compliance
Studio Verdi22 has designated a Data Security Officer – a person who is responsible for maintaining personal data security system and compliance program;
5. Data retention periods and scope of processed data
We have introduced and documented data retention periods and reviewed our processes against the scope of collected personal data to make sure that the data minimization principle is fulfilled;
6. Third parties
We have updated contracts with third parties to make sure that all contracts contain relevant data protection provisions required by GDPR and introduce a verification process to make sure that entities which do not guarantee security of personal data cannot become our business partners;
7. International Data Transfers
Studio Verdi22 has reviewed contracts with third parties located outside of the EEA and updated relevant transfer mechanisms to make sure that international data transfers comply with the GDPR and that these third parties guarantee an adequate level of protection of personal data;
8. Services’ documentation
9. Training and awareness
We have prepared training materials on the GDPR and data security which are constantly available for all members of Studio Verdi22 personnel. No one can start working in Studio Verdi22without being trained on the relevant GDPR provisions. All members of Studio Verdi22 personnel undergo the training periodically.
Constant enhancements and control
We are fully aware that compliance with the GDPR is an ongoing process. Therefore, we have committed ourselves to undergo an external GDPR-compliance audit once a year.
We have also employed our new and proprietary software development methodology to make sure that personal data protection principles are encoded in our products by design. We are working on several other initiatives as well.
How Studio Verdi22’s solutions can help your company stay GDPR compliant?
Our products are equipped with features that can help your company stay GDPR compliant. Contact us
If you have any questions related to Studio Verdi22s compliance with the GDPR or you want to know more about how we ensure the protection of your personal data, contact us.