Introduction to GDPR
GDPR, or the General Data Protection Regulation, is coming into effect on May 25th, 2018. It provides EU citizens everywhere a new, standardised, set of rights regarding their personal data both online and offline. It also requires all businesses, even those outside the EU which handle personal data of EU citizens, to meet a unified standard for handling personal data.
We welcome the new GPDR regulations. The principals of transparency, privacy, and the increased data privacy rights will now be applied in a more uniform and fair way.
It is important to note that the new GDPR regulations don't just apply in your web store, they may affect every aspect of your business. We encourage every business to become familiar with the new regulations and how they will impact all business processes.
As a business, ES Tech Group will be GDPR compliant when it comes into effect on May 25th, 2018. We will also fulfil our obligations as a data processor through our Evolution and EvolutionX web stores. As an EvolutionX customer you are the data controller and you are responsible for your business being GDPR compliant when the new regulations come into effect on May 25th.
What is ES Tech Group doing to get ready for GDPR
As a data processor ES Tech Group is preparing for GDPR by identifying the ways that personal data is stored so that we can clearly communicate that to the data controllers (webstore owners). We will be providing clear lists of the personal data stored so that it is transparent for web store owners and individuals.
We are committed to security by design and by default. We are training our staff on the principals of GDPR and we'll regularly review our practices and how we can improve them.
We have a dedicated email address for our Data Protection Officer now at dpo[at]estechgroup.io
ES Tech Group have hosted three webinars for our webstore owners to share more about how we are addressing GDPR. You can watch these webinars if you are a current or prospective customer of Evolution Software Web Store or EvolutionX Web Store. Encourage your staff to also view the webinars. You should also plan to do your own staff training in GDPR processes for your business.
ES Tech Group will be assisting our web store owners by providing tools and processes needed for a data controller to comply with GDPR. As a webstore owner you are a Data Controller and you will need to update your processes so that they comply with GDPR.
While we are not accepting any liability or responsibility in respect to your business compliance with GDPR, as a data processor we will be compliant with our obligations under GDPR and will share information with you to assist you. The webinars, documents, and discussions we prepare and share with our webstore owners should not be considered specific legal advice but are meant as informational only. Please consider and seek independent legal and consultative advice to determine your own GDPR compliance needs. Above all, read everything you can about GDPR regulations.
Getting to Know GDPR
GDPR compliance is a journey, not a destination. You will want to continually work on GDPR compliance and make it a natural part of your business processes.
The GDPR principles as it relates to personal data include:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Data retention
GDPR also gives individual EU citizens' rights over their personal information stored by organisations. These include (but are not limited to):
- Right to be informed
- Right to access
- Right to be forgotten
- Right to suspend processing
- Data Portability
- Clear and easily understood information
- Watch our webinars below. This will be the best way to inform yourself on GDPR updates from Evolution.
- Visit our Data Protection section of our online documenation and search "GDPR" for other related articles.
- Educate yourself on the new GDPR regulations and how they will affect your business online and offline.
- Identify who in your business can champion the changes needed to be GDPR compliant.
- Consider highering an external DPO (Data Protection Officer or naming an internal one).
- Train your staff so they are following the GDPR regulations.
- Identify the personally identifiable information that you current collect online and offline in your business.
- Identify any third-parties with whom you share personal data.
- Consider what legal and consultative advice you need to review and advise on your implementation of GDPR policies.
- Become transparent and fair in your use of Personal Data.
Current Evolution web store owners are invited to watch our free, 30 min, GDPR webinars. We've held three webinars over the next few weeks to inform you about GDPR issues as the relate to Evolution Webstores.
This content is purely for informational purposes only. It is not intended to constitute advice, whether legal or otherwise. No contract or legal relations are, or are intended to be, made between ES Tech Group or Evolution Software and you. Under no circumstances shall ES Tech Group or Evolution Software be liable for any loss, damage, liability or expense incurred or suffered by you which is claimed to have resulted directly or indirectly from your use of the information provided in this statement.
Data Protection Docs and Guides
Note: Most of these resources apply to both EvolutionX and legacy Evolution web stores.