What is GDPR?
In 2016, the European Commission approved and adopted the new General Data Protection Regulation (GDPR). GDPR is a significant change in data protection regulation in the EU and replaces the existing legal framework (the Data Protection Directive and the various member state laws). It came into effect on May 25, 2018.
Why is GDPR important?
GDPR adds some new requirements regarding how companies should protect individuals’ data that they process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breaches.
What has Grey Energy LLC done to comply with GDPR?
We have implemented changes and our commitment to your privacy continues
Our compliance, data protection, and information security teams work hard to align our services with GDPR. In our role with end-user information, we have provided a Data Processing Agreement, that meets the requirements of GDPR.
We have worked hard to meet our obligations as a processor under Article 28 of GDPR. To this end:
We continue to process your customer and end-user data per your instructions.
We have implemented appropriate technical and organizational measures to protect the data with which you entrust us.
We have instituted a policy informing and obligating our employees to maintain the confidentiality of your information.
We have instituted a procedure to assist you in complying with requests for access, amendment, or deletion.
We are able to inform you without delay in the event of a data breach.
We will delete your customer/end-user information at the end of our agreement with you if you ask us.
We have also updated our terms of service and privacy policy to provide greater transparency about our practices and help you pass that forward to your customers and end-users.
As guidance about specific aspects of GDPR continues to be published, we will also continue our efforts to fine-tune and improve our compliance.