We are ready for GDPR
For us, the high quality of our services and the level of security are very important. From the very beginning we have been focusing on the reliability and safe handling of our customers’ personal data. For this reason, our operations meet both the ISO 27001 security requirement and VAHTI2-level information security, set by the Finnish government’s Information Security Management Board.
The EU’s general data protection regulation, GDPR, came into force in last year, but the transition period ends in May 2018. The purpose of the new regulation is to strengthen the rights and freedoms of individuals, to take into account the global dimension of data protection and to improve the enforcement of data protection rules. We at Cloudia have already made a report that our operations and services meet the requirements of the new EU directive.
Among other things, we:
- Identify and analyze all our processes, policies and practices to ensure that we continue to work in compliance with the GDPR requirements
- Have written operational models, documentation and risk management plan
- Have defined user rights in information systems
- Carry out a Data Protection Impact Assessment (DPIA) and have designated a Data Protection Officer (DPO)
- Incorporate GDPR principles in our product development planning