THE EU’S GENERAL DATA PROTECTION REGULATION

WHAT IS IT?
ADOPTED IN APRIL 2016
COMES INTO FORCE IN MAY 2018

WHO DOES IT APPLY TO?
It applies to all organisations, public and private, anywhere in the world, that handle, store or process the personal data of EU citizens. GDPR dictates the procedures and consequences surrounding data breaches and notification.

EVERYONE NEEDS TO BE READY

YOUR ITAD PROVIDER
ITAD providers must demonstrate compliance to:
ADISA ITAD Standard
ISO 27001
CAS-S

DATA SECURITY
Know your data:
What data exists?
Where is data held?
How is data managed?
Who has access to data?

‘Personal Data Breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

THE CONSEQUENCES OF NON-COMPLIANCE ARE SEVERE:
Fines of up to €20,000,000 or 4% of global turnover, as well as DISRUPTION TO BUSINESS
The risk of class action lawsuits from data breach victims
Damage to a brand’s reputation, which can take years to remedy

Every organisation should have a DATA PROTECTION OFFICER
Staff Training
Internal Audits
Notifying the supervisory authorities if there is a breach

Data Breaches must be reported to the supervising authority within 72 hours

Your ITAD provider should demonstrate best practice in DATA SECURITY to evaluate and mitigate risk in data processing

ITAD providers should have CYBER LIABILITY INSURANCE backed by 3rd party incident and damage limitation

All data being stored should be obtained by consent: freely given, informed, unambiguous
OPT IN NOT OPT OUT

Ensure that your data and reputation are secure and ready for the GDPR. Contact Sims Recycling Solutions today.
Call: +44 (0) 800 6526 100
Email: [email protected]
Visit: www.simsrecycling.com