General Data Protection Regulations (GDPR)

At Northstone Systems, we take data protection very serious. That is why we have been reviewing all of our policies in the build up to the General Data Protection Regulations which will come into force on the 25th May 2018.

As part of that commitment, we have been reviewing all of our procedures in relation to iVech, both internally and externally. We have identified a number of areas that we have / are working on in order to provide a better environment and to ensure we comply.

Issues that we've identified and work we've done includes:

  • We've reviewed and rewritten our data protection and data breach policies
  • We've changed some of our in-house processes to be more secure
  • We've introduced new form fields when adding customer data into our systems
  • We're working on a new eSignature system from a third party provider
  • We're building data monitoring tools for clearing out old customer information
  • We're building a tool to get re-consent for information you already hold

What does this mean for me as a customer?

If you're reading this, it most likely means your one of our iVech customers. As your data processor, it's our responsibility to process that data in accordance with GDPR. As the hire company, it's your job to ensure that you get consent for the data you're storing with us. You'll also need to have your own data protection policy. If you identify any 'needs' that our system doesn't provide in terms of data protection tools, please get in touch and we'll do our best to address your issues.

We arn't lawyers. If your looking for GDPR advice we'd suggest contacting a data protection professional, lawyer or solicitor.

What is GDPR?
The General Data Protection Regulations is a new set of EU laws which apply to all countries in the EU. The regulations will replace the UK's current Data Protection Act 1998. It's been stated that GDPR will still apply once the UK has left the EU.
Remember...
Although we have a data protection policy in place, as a hire customer, you still need your own policies. We comply with GDPR, however, you still need to ensure that the processes at your end comply (IE. getting consent for the data you store with us).