Blue Photo and the GDPR
General Data Protection Regulation (GDPR) is coming in May 2018. Here’s how we’re getting Blue Photo ready.
At Blue Photo, we take privacy seriously and we are committed to continuing to comply with data protection laws.
What is the GDPR?
The GDPR is a European Union regulation that establishes a new framework for handling and protecting the personal data of EU-based residents. It comes into effect on May 25, 2018.
Personal data plays a huge part in society and the economy. It is essential that people have — and know they have — control and clarity over how their data is used and protected by any organisation they interact with, and that organisations are given clear guidelines to protect their personal data.
One of the aims of the GDPR is to harmonise and bring data privacy laws across Europe up to speed with the rapid technological change in the past two decades. It builds upon the current legal framework in the European Union, including the EU Data Protection Directive in existence since 1995.
GDPR is an opportunity to build a stronger data protection foundation for the benefit of all. Splento is committed to ensuring that our platform is GDPR-compliant when the regulation becomes enforceable on May 25, 2018.
How will Blue Photo comply with the GDPR?
- Trust is the foundation of our relationship with thousands of people and businesses around the world. We value the confidence you’ve put in us and take the responsibility of protecting your information seriously.
- Blue Photo’s experts have carefully analysed the GDPR and are undertaking the necessary steps to ensure that we comply. Blue Photo has personally overseen Legal, Privacy and Compliance Teams preparing the company for GDPR.
- For every new product and service, we’re proactively applying the Data Protection.
- We will meet the requirements of the GDPR by 25 May 2018.
Blue Photo is committed to transparency, control and accountability.
- Transparency: Our Data Policy will remain the single consolidated place that maps out the ways in which we use data and process people’s personal information.
- Control: We’ll continue to provide people with controls over how their data is used. To build on this, we’re simplifying the design of our privacy settings in a new control centre. Privacy by design means that organisations handling personal data need to think about data protection when designing systems, not just review privacy implications after a product or process is developed. If you process a lot of data or deal with sensitive information, in many cases you’ll also need to conduct data protection impact assessments to meet the privacy by design principle.
- Accountability: We are accountable for our privacy practices, which includes updating our existing compliance program to ensure that we are adequately documenting our GDPR review and compliance.
What are your obligations under the GDPR?
- It is important to remember that you, as the business customer and the data controller, have specific legal obligations under the GDPR.
- You should be confident that any providers (data processors) which you work with have a highly robust approach to data protection, understand the obligations of the GDPR, and are well prepared to meet them.
- Remember, however, that no provider can offer to “solve” GDPR compliance for you.
With our current measures and continual improvements, we believe we are well placed to provide appropriate security measures for your data and earn your trust.