The EU General Data Protection Regulation (EU GDPR) is a privacy and data protection regulation in the European Union that came into effect on 25 May 2018.
The EU GDPR imposes new obligations on organisations that control or process personal data and introduces new rights and protections for EU citizens.
GlobalReach is committed to ensuring that your privacy is protected, and we strictly adhere to the provisions of all relevant Data Protection Legislation, including both the EU GDPR directive and the revised UK GDPR directive, ensuring all personal data is handled in line with the principles outlined in the regulation that state.
The UK GDPR mirrors the EU GDPR but introduces new processes for the UK to make its own adequacy decisions and approve other UK-specific transfer safeguards. The UK GDPR directive aligns closely with the Data Protection Act 2018, more information can be found here.
GlobalReach is committed to compliance with the GDPR as a processor of personal data and has established a working group to lead our GDPR implementation project led by our GCISO and ensure compliance on an ongoing basis.
Personal data shall be:
- Processed lawfully, fairly and in a transparent manner in relation to the data subject.
- Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- Adequate, relevant and limited to what is necessary for relation to the purposes for which they are processed.
- Accurate and, where necessary, kept up to date.
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
- Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
GlobalReach respects our customers’ rights to data privacy and protection and as such we have revised our internal policies, procedures, working practices in order to meet the requirements of the GDPR.
In addition, GlobalReach is ISO/IEC 27001:2013 accredited (Certificate Number IS 692525).
Any questions related to GDPR or to issues concerning data protection generally should be addressed to:
Updated: February 2021