Infobric is working purposefully and methodically to ensure compliance with the General Data Protection Regulation and filling existing gaps well before May 25, 2018. On this page you can find information about GDPR and updates on how Infobric is supporting our customer’s to comply with the regulation.
‘General Data Protection Regulation’ (GDPR), is a new EU Data Protection Regulation that sets high standards for processing personal data. The regulation replaces current national legislation.
UK organisations handling personal data will still need to comply with the GDPR, regardless of Brexit. The GDPR will come into force before the UK leaves the EU, and the government has confirmed that the Regulation will apply, a position that has been stated by the Information Commissioner’s Office (ICO).
The new Data Protection Bill going through Parliament will transpose the GDPR into UK law, and will continue to apply post-Brexit.
Infobric customers are data controllers of personal data in staff ledger and other processing of personal data in Infobric Ease. By storing personal data and providing customer support etc, Infobric has the role of data processor.
As data controllers, Infobric customers are obligated to demonstrate that they have chosen a data processor that gives sufficient guarantees of meeting the requirements in the General Data Protection Regulation. Infobric continuously updates information about technical and operational protective measures.
As data controllers, Infobric customer need to meet the individual’s right to access or erase personal data processed in Infobric Ease, as well as complying with the General Data Protection Regulation’s requirements on weeding out data etc. Infobric develops the service for this to be as easy as possible, more information below.
The General Data Protection Regulation will apply from May 25 2018.
Personal data is any kind of information directly or indirectly attributable to a physical person. As soon as a person can be identified, for example by name, social security number, photo or location data, all information is linked to that person’s personal data. This applies, for example, to information such as IP address or ID number on a debit card, even if the person who has the data does not have access to the register that identifies the person in question. It is also enough if it is possible to conclude who the information is about, for example, the information “a crane driver from Enterprise X” is a personal data if there is only one crane driver in Company X.
Infobric started the process at an early stage in order to be compliant with the new regulation in May 2018. There is an ongoing project aimed to prepare and develop Infobric’s system and procedures according to the regulation. Infobric makes system adjustments to make sure that customers can meet the legislative requirements regarding e.g. weeding out data and fulfilling the rights of the data subjects. System changes will be in place when the regulation comes into effect, May 25 2018.
IT security is highly prioritized by Infobric. We co-operate with well-established suppliers that meet our high demands on system management and data storage. Infobric methodically work with internal processes and routines, and performs thorough investigations to ensure that we meet the IT security requirements set out by the General Data Protection Regulation. We also conduct an external review of our data security, with special emphasis on the new regulation.
Information on new functionality and new routines is provided continuously in our existing channels. In compliance to GDPR, we have also updated the Terms and Conditions for Infobric Ease including a Data Processing Agreement.
At present, customers shall contact Infobric’s Customer Service for cases concerning registry extracts, send an e-mail to firstname.lastname@example.org
Are you wondering what's the best solution for you? How you can save money in your construction projects and at the same time increase security? We can help you with your questions.