The EU General Data Protection Regulation (GDPR) will come into effect from May 25th 2018, setting a new standard for how companies use and protect EU citizens’ data.
As an EU company based in Germany, strong privacy standards have applied to us from the start. We've always been very aware of the fact that we're processing highly sensitive employee data and therefore already have extensive measures in place to protect our customers' privacy and to keep data secure.
Feel free to reach out to us - we're happy to help.
How are we preparing for GDPR?
We've been working with our Data Protection Officer to do a complete assessment of data protection, privacy and security at Small Improvements.
We’re improving our internal documentation & processes:
The audit has shown that our security measures and processes are solid, but we're updating them to ensure we are meeting GDPR standards.
You can read more about our internal documentation and processes, here.
We’re reviewing our exporting functionality
We already offer an extensive XML export of your company's data and are currently reviewing this to make sure you can comply with the GDPR regulations on Data Portability, as well as making deletion of an individual's data easier.
We’re updating our Data Processing Agreements (DPAs):
We've been reviewing the vendors we work with to update our data processing agreements in compliance with GDPR. If you are one of our customers and would like to enter into a Data Processing Agreement with us you can access the DocuSign the agreement below.
You can access and sign this agreement, here.
You can access a PDF version of this document for review at the bottom of this help article.