The General Data Protection Regulation (GDPR) will go into effect on May 25th, 2018. GDPR is a set of new data privacy laws applied in all EU member states that are designed to protect its citizens’ data privacy and reshape the way organizations approach data privacy. All companies that handle personal data of EU residents will need to comply with the GDPR.
1. Polontech team is aware of new GDPR laws and appreciates the impact this is likely to have.
2. We document what personal data we hold, where it came from and who we share it with. Polontech keeps information about the clients for 5 years (clients’ name and surname, e-mail, company’s name) to process customer requests.
3. Our data retention term is 5 years.
4. Our procedures cover all the rights individuals have, including how we would delete personal data or provide data on request.
5. From 25th of May we will handle requests within maximum 1 month.
6. We’ve identified the lawful basis for our processing activity in the GDPR, documented it and updated our privacy notice to explain it.
7. Procedures of seeking, recording and managing of consent in our company meet the GDPR standard.
8. In Polontech each employee takes responsibility for data protection compliance and has the knowledge, support and authority to carry out their role effectively.
9. We’ve implemented effective procedures to detect, report and investigate a personal data breach.
10. Our single establishment is in Poland. Our lead data protection supervisory authority will be PUODO (President of the Office for Personal Data Protection), Urząd Ochrony Danych Osobowych
11. The Website is available only to individuals who are at least 16 years old.
If you want to learn more about GDPR, please visit GDPR Portal, a resource to educate the public about the main elements of the General Data Protection Regulation (GDPR). (https://www.eugdpr.org/)