GDPR Compliance Statement – UK IT Service
UK IT Service place a high priority on protecting and managing data in accordance with the new GDPR standards. As a business, we remain committed to high standards of information security, privacy and transparency.
As part of our GDPR preparation process, we reviewed all our internal processes, procedures, data systems and documentation. We have made some updates and have identified a number of areas where we can further enhance our data security in time.
Our GDPR Principles:
- We will process all personal data fairly and lawfully.
- We will only process personal data for specified and lawful purposes.
- We will endeavour to hold relevant and accurate personal data, and where practical, we will keep it up to date.
- We will not keep personal data for longer than is necessary.
- We will keep all personal data secure.
- We will endeavour to ensure that personal data is not transferred to countries outside of the European Economic Area (‘EEA’) without adequate protection
General GDPR Related Matters:
- We have been awarded our ISO 9001 certification for Quality Management.
- We have been awarded our ISO 27001 certification for Information Security Management.
- We will help our customers understand their responsibilities under GDPR, as well as help support their compliance needs.
Our GDPR Actions:
- We have reviewed and updated our range of policies, including our Data Breach Policy, Business Continuity Plans and Subject Access Requests.
- We have undertaken a systematic review of the personal data we store, manage, maintain and control.
- We have provided training to our team and have generally raised the awareness and importance of GDPR to our business.
- We will continually look at ways of improving our systems and procedures to ensure that we comply with GDPR best practise as a minimum.
This document was last updated on May 26, 2018