You may have heard about a new piece of legislation called GDPR (General Data Protection Regulation) coming into force on the 25th May 2018.
The GDPR is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. When the GDPR takes effect, it will replace the data protection directive of 1995. The regulation was adopted on 27 April 2016. It becomes enforceable from 25 May 2018 after a two-year transition period and, unlike a directive, it does not require national governments to pass any enabling legislation, and is thus directly binding and applicable. (Source: Wikipedia)
As your data processor we wanted to let you know what we are doing to prepare for GDPR so you can rest assured that your ticketing software provider is compliant. In addition we will be adding a couple of features that will make it easier for you to be compliant.
Ticket Tailor’s compliance
We have reviewed the GDPR guidelines and consulted with our lawyers and we have a clear action plan on what we need to do to achieve compliance in time for the 25th May 2018. Below is our to-do list which will be updated as time goes on.
- Assign Data Protection Officer - DONE
- Review the use of any 3rd party processors - DONE
- Update internal procedures and train all staff about the updates - DONE
- Identify features that will help Ticket Tailor clients with compliance - DONE
- Ensure 3rd party processors are ready (or getting ready) for GDPR compliance - IN PROGRESS
- Review data retention policy - BY APR 2018
- Document and publish list of 3rd party processors - BY 25TH MAY 2018
- Communicate full compliance - BY 25TH MAY 2018
If you have any questions about our approach to GDPR please email email@example.com.