Our Commitment to the GDPR
Last revision - May 2, 2020
The GDPR (General Data Protection Regulation) is a piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union. The regulation will become in effect and enforceable on May 25, 2018.
Soft2Run is fully committed to achieving and upholding ongoing compliance with GDPR prior to the date it becomes in effect.
What is the GDPR?
The General Data Protection Act (GDPR) is considered to be the most significant piece of European data protection legislation to be introduced in the European Union (EU) in the past 20 years and will replace the 1995 Data Protection Directive.
The GDPR regulates the processing of personal data about individuals in the European Union including its collection, storage, transfer or use. Most importantly, under the GDPR, the concept of “personal data” is very broad and covers any information relating to an identified or identifiable individual (also called a “data subject”).
It gives data subjects more rights and control over their data by regulating how companies should handle and store the personal data they collect. The GDPR also raises the stakes for compliance by increasing enforcement and imposing greater fines should the provisions of the GDPR be breached.
The GDPR enhances EU individuals’ privacy rights and places a stronger set of obligations on how organizations handle data.
Where Do We Stand?
Soft2Run began preparing and pursuing compliance in Q3 2017. The GDPR is a complex legislation, and we’ve been working extensively to be sure we’re compliant with this new regulation. The privacy and security of our customers (and their customers), partners and candidates are of utmost importance to us.
Here’s a condensed version of our GDPR Roadmap detailing the various elements we’ve been working on in order to comply:
- Appointment of a Data Protection Officer.
- Research into how the products and services we offer may be impacted by GDPR.
- Development of a strategy addressing the areas in our company impacted by GDPR.
- Creation of an inventory of all personal information that we control.
- Implementation of an email Subscription Center.
- Performing all necessary changes to our internal processes and procedures to achieve and maintain compliance with GDPR.
- Updating our websites to be GDPR compliant in terms of the capturing and tracking of personal data.
- Testing all of our changes to verify and validate compliance with GDPR.
If you have questions or concerns regarding this policy, please contact us at firstname.lastname@example.org.