As you will no doubt be aware the General Data Protection Regulation (GDPR) comes into force today (25th May 2018), which introduces new and enhanced obligations to the processing of personal data.
Prima Software has always taken data protection seriously and understands its duty as a Data Processor. We will only act on your behalf on the handling of your customer data and will ensure that all personnel who process any of the personal data are contractually obliged to keep this confidential. We will continue to make improvements to our products and services to help you with your GDPR compliance as the Data Controller.
We will continue to ensure that appropriate security safeguards and virus protection are in place to protect the hardware and software of our Microsoft Azure hosting platform, which is used in the processing of your data, in accordance with best industry practice.
In the unlikely event of a security breach where personal data has been compromised, we fully understand our obligations and will notify you without undue delay.
At the end of any Service Agreements, all personal data will be deleted and securely disposed of, unless retention of such copies is required by law. You should ensure you have taken necessary steps to transfer or backup data you wish to continue to use.
To further demonstrate our commitment to security and GDPR, Prima is looking to gain Accredited Cyber Essentials and IASME certification.
If you require us to:
1) Sign a Data Controller / Processor agreement
or
2) If you would like to request access the individual personal data that we have stored in our system.
Then please email gdpr@primasoftware.co.uk and we will respond within an appropriate timeframe.
