General Data Protection Regulation (GDPR) Statement

GroupBC Executive Summary

GroupBC has assessed every paragraph of the GDPR and matched its own activities and products against all of those paragraphs in four key areas. GroupBC considered the regulation against GroupBC as

  1. A data controller of its own employee data.
  2. A data controller or processor of third party data such as activity relating to direct marketing.
  3. A Software as a Service (SaaS) supplier.
  4. A business that develops software.

A public document will be made available that details the policies and activities that GroupBC employs matched to the clauses of the GDPR should any customer have a detailed question in respect of compliance.

GroupBC will also provide a document that details the features of the SaaS provision that means you can have confidence that the organisation and software you are working with are fully GDPR compliant.

GroupBC is certified to ISO 27001:2013 demonstrating a commitment to Information Security.

GroupBC is hosted solely from UK data centres.

 

Activity

GroupBC has amended its activities and associated policies and procedures as necessary in order to fully comply with GDPR following a thorough assessment.

GroupBC has amended its customer and supplier contracts to ensure the GDPR reaches throughout the supply chain for the provision of its SaaS services.

GroupBC has reviewed all of its suppliers for compliance with GDPR paying very close attention to its marketing activity suppliers.

GroupBC has carried out Privacy Impact Assessments as necessary.

GroupBC  offers additional cyber security options for customers who feel they would like to increase their monitoring of activity in relation to their own specific system.

The GroupBC website and direct marketing activity has been updated so that customers have the assurance that they will be contacted and treated in accordance with GDPR requirements.  The website will contain GroupBC’s privacy policies clearly identified.

The SaaS platform has been fully reviewed and amended as required. The software is developed under the guidance of GroupBC’s secure development requirements.

GroupBC will be maintaining accreditations that demonstrate its commitment to information security, including personal data.