The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU.
The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
It becomes enforceable from 25 May 2018.
Since Shift F7 are ISO 27001 accredited the company has already gone a long way to achieving GDPR compliance by minimising the risk of a data breach. The GDPR states that organisations must adopt appropriate policies, procedures and processes to protect the personal data they hold.
For contractual customers of Shift F7 the main Framework Agreement has been updated to reflect Shift F7’s position as the Data Processor.