Here at The Polyglot Group, we take your right to data protection and privacy very seriously. You can trust that we are committed to meeting the highest standards.
As such, we are introducing new measures to ensure compliance with the General Data Protection Regulation which comes into play on May 25, 2018.
What is GDPR?
The General Data Protection Regulation (GDPR) is a regulation in European Union law on data protection and privacy for all the residents within the EU. The GDPR was adopted in April 2016 and came into effect on the 25th May 2018.
Who Will Be Impacted?
The GDPR law will impact all businesses working with personal data from the EU. Having extraterritorial effect, the GDPR imposes obligations on companies which handle EU personal data, irrespective of where the company is located.
As a global consulting company, Polyglot Group has a genuine commitment towards GDPR. This is not only because we are obliged to do so, but also because we think protecting personal data and privacy is extremely important in a digital and globalised context.
Over the last few months, Polyglot Group has implemented some measures to ensure the company is compliant with GDPR worldwide. We have closely analysed the requirements of the GDPR and adapted our internal and external procedures accordingly.
The Actions Taken By The Polyglot Group
After taking all research measures to ensure we understand GDPR requirements, all Polyglot Group internal processes have been reviewed to meet these requirements.
The following outlines the measures that Polyglot Group has taken over the past few months and is currently undertaking:
1. Researching the GDPR’s impact on our industry and business
We have attended seminars, conferences, workshops and webinars about GDPR to clearly assess the impact of this regulation in regard to our entities located both within the EU and outside of the EU.
2. Choosing a Specialised Data Protection Partner
Our Compliance & IT team has been working with a specialised data protection firm for several months. This collaboration is to ensure we implement the correct measures in regard to data protection.
3. Conducting Risk Analysis
Together with our data protection partner, we have reviewed our internal and external procedures, plus assessed the risks in regard to data protection.
4. Creating an Information Security Document GDPR Compliant
We have developed an 80-page Information Security Document which thoroughly covers the internal processes on how to collect, store, access, protect, transfer and destroy personal data. This document also details how to react in case of a security breach according to the GDPR requirements.
5. Communicating with Key GDPR Ambassadors
We have identified the employees who may be impacting data protection within the company. We have educated and trained these employees to ensure they understand the importance of this regulation.
6. Defining Roles and Responsibilities
We have defined the responsibilities regarding data protection by appointing a Data Protection Officer and an IT Officer, as well as one responsible person per department and platform.
7. Liaising with the Marketing Team
Our Marketing, Compliance and IT team have worked together in order to ensure marketing communications follow the requirements established by GDPR; especially in regard to consent.
8. Communicating with the rest of our Employees
We have summarised the Information Security Document in an Information Security Policy that all the employees within the company must read and sign.
9. Signing Contracts with Partners on Data Protection
We have requested our partners follow the same high-level of information security that we offer to our clients, candidates, and prospects.
10. Hosting General Sessions and Specific Training on GDPR
Across our departments, we have scheduled both general sessions and specific training sessions to ensure our employees understand, apply and follow the measures implemented on data protection and privacy.
11. Conducting Periodic Assessments and External Audits
Polyglot Group will continue to assess the company’s practices and procedures on a regular basis. Additionally, our partner specialised in data protection will audit the company every year to guarantee ongoing compliance with GDPR.
We look forward to continuing to serve the community whilst ensuring their privacy and right to data protection is always granted.