How Atradius is preparing for the implementation of the GDPR
Data is an integral part of Atradius’ core business and we always give priority to protecting it in compliance with relevant legislation and regulations at international and local level. Ensuring efficient data protection and privacy, requires that from time to time we adapt and update our internal processes and systems to accommodate changes in data management and associated data protection laws and regulations.
This is why Atradius has established a group-wide programme to ensure we are compliant with the most significant change in data privacy regulation at EU level, the introduction of the General Data Protection Regulation (GDPR), that came into force on 25 May 2018. The GDPR addresses the vast changes which have taken place in the digital arena over the past two decades and seeks to harmonise the approach to protection of personal data across Europe by establishing a single set of pan - European rules.
Although Atradius focuses on business-to-business activity, we are aware that the GDPR brings additional obligations regarding personal data protection that apply to our business and we welcome the opportunity to enhance our processes and systems to meet these requirements.
Below, we give you an overview of the main activities we have undertaken in order to help you understand how we are approaching the GDPR. This also demonstrates that we understand the importance and relevance of the GDPR not only to our business but also to yours.
Some of the measures we are working on include:
- Further aligning our organisational data protection structure in line with GDPR standards.
- Reviewing how personal data is handled in view of GDPR requirements.
- An ongoing internal campaign aimed at embedding awareness on how we must handle personal data at all times
- Preparing a procedure to efficiently handle data access requests of data subjects.
- Continuing to embed data protection and security in our future organisational and IT design.
- Reviewing the relevant company policies and procedures regarding personal data.
- Preparing a communication strategy regarding persons and/or organisations for whom we keep personal data.
Making continual adjustments and improvements to ensure we are best positioned to meet our legal obligations is an integral part of how we operate. We see GDPR as a further opportunity to continue our tradition of protecting our customers and giving you more control over both your organisational and personal data.