As we're sure you are aware, new Data Protection legislation (GDPR) is due to come into force this month, on the 25th May 2018, for all organisations continuing to offer goods and services within the EU.
The legislation will introduce increased responsibilities (and definitions to cover these responsibilities, such as Data Controller, Data Processor, and Data Subject). The legislation will also improve transparency and the rights of the individual when it comes to using, storing, and processing personal and sensitive information.
GDPR requires all Data Controllers (that's you, our customers!) to have specific clauses in their contracts with Data Processors (that's us!) to make sure their data is properly protected.
In light of this, we have updated our Terms and Conditions of Sale to ensure your contract with us remains compliant.
It's just an extra helping hand from us to help save you some time!
Please view the full and updated Terms and Conditions here.
Here's a summary of the changes we've made:
We've added some new definitions to cover Data Controller, Data Processor, Data Subject, ICO, and Personal Data.
- Limitation of Liability
We have included some GDPR-specific clauses for you, the 'Data Controller', and for us, the 'Data Processor'.
- Data Processing
We've added a new Section 8 to confirm our obligations for processing; including giving you a new Right to Audit and details of how we store, manage, transfer, and delete your data.
- Data Subject Access, Complaints and Breaches
We've also inserted a new clause (Section 9) for Data Subject Access (DSA) and Complaints and Breaches.
Due to the additional clauses required by GDPR, the following clauses have been renumbered: Section 8 (Notices) is now Section 10; Section 9 (No Assignment or Sublicensing) is now Section 11; Section 10 (General) is now Section 12.
Want to get your organisation up to speed with GDPR? Click here to view our selection of GDPR-ready eLearning courses.