Colins IT GDPR Statement

EU General Data Protection Regulation (GDPR)

The EU General Data Protection Regulation (GDPR) is the most significant piece of European privacy legislation in two decades. It replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data, and creating a uniform data protection law across Europe.

The European General Data Protection Regulation (GDPR) is enforceable from May 25th 2018.This legislation changes the landscape of regulated data protection law and the way that companies collect and use personal data.

The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

As a trusted IT Support company (Managed Service Provider) Colins IT is committed to not only ensuring our own systems are secure and the data we have is protected but also our clients. We ensure that all the tools we use are fully GDPR compliant and therefore will not pose a security risk. We ensure any 3rd party applications we use are GDPR compliant. We ensure that any subcontractors we use have signed a confidentiality notice that is GDPR compliant.

We regularly review our Information Security Policy and related work plans to ensure that they take into account all requirements, confirming we’re fulfilling our obligations to GDPR as a data processor.

Our customers depend on us to manage and protect their environments. Only a limited number of roles within Colins IT are authorised to access client environments and then only when necessary, according to strict guidelines and documented actions. We comply with information security best practices including multiple-factor authentication and encryption.

Our ability to fulfil our commitments as a data processor to our customers, the data controllers, is a part of our compliance with GDPR where data controllers are using Colins IT to process personal data. Because of this requirement, Colins IT is performing an internal process to ensure we’re doing the maximum to protect data and improve our processes and procedures where we identify the opportunity.