GDPR: A new way of working

GDPR is here!

As of the 25th of May, the General Data Protection Regulation (GDPR) has come into effect in the European Union. If you’ve been paying attention to the emails flooding your inboxes about updated privacy policies, you would know that the GDPR is an ambitious new chapter in EU privacy protection which aims to better protect personal data and enforce rules to prevent data being shared or leaked to unauthorised parties.

The new General Data Protection Regulation builds on the existing EU privacy protection structure laid out in the Data Protection Directive of 1995. But GDPR extends the level of protection substantially, resulting in many new rights for data subjects and many new obligations for controllers and processors.

This regulation has huge consequences for all organisations worldwide which process the data of European Union citizens. At inlumi, we’re ready: with new processes and a company-wide awareness for the importance of handling personal data with care.

Privacy by design at inlumi

In a rapidly-changing digital world where our personal data is being collected more nonchalantly than ever, regulations like the GDPR are extremely important. The GDPR forces organisations to take that data seriously. All organisations should lawfully be able to justify their use of personal data and must take serious measures to prevent data breaches.

The legislation requires a fundamental change in the way that we do our work, leading to what is referred to as “privacy by design”. At inlumi, we have implemented several measures to make sure we meet the standards of the legislation:

  • We have worked to build data protection and security by design for our products and services;
  • We have taken measures to harmonise data protection and security controls;
  • We have signed processing agreements with all our customers and model clauses to cover processing in USA and Australia;
  • We have organised risk management and accountability simultaneously;
  • We have trained every staff member in GDPR awareness;
  • We have made privacy a fundamental part of our working procedures on all levels;
  • We are ISAE 3402 type II and ISO 27001-2017 certified, making us a trusted partner who handles information securely.

This isn’t just about being compliant: we are taking advantage of this opportunity to explore a new way of working that gives our clients and online visitors more control over their own data.

Should you have any concerns or questions, contact the inlumi Privacy Officer at paola.van.tuijl@inlumi.com.