General Data Protection Regulation statement
The new General Data Protection Regulation (GDPR) comes into effect on May 25th 2018. It builds on existing EU data privacy rules, strengthening in many key areas and non-compliance potentially results in severe financial penalties.
Tungsten Network is highly committed to maintaining high standards of information security, privacy and transparency, whether as a data controller or data processor.
We take our responsibilities in relation to the protection and security of our data and that of our employees, customers, vendors and partners incredibly seriously and the changes being introduced to ensure GDPR compliance are part of a continuous, ongoing process that has always been central to what we do.
We already have in place current industry best practices such as IS0 27001 and Cyber Essentials certifications. Going forwards, Tungsten Network will fully comply with applicable GDPR regulations when they take effect on 25th May 2018, while also working closely with our clients and vendors to meet contractual obligations for our products and services.
Tungsten Network has adopted a robust ISO-based Management System (ISMS) and to ensure compliance, we have improved our internal controls and monitoring to meet GDPR requirements within the ISMS framework and these will be tested and reviewed by external auditor.
We have also conducted data protection risk assessments, updated relevant policies and procedures to be in line with GDPR requirements and have supported regular communications and training programmes to our all of our employees worldwide.
Tungsten Network has appointed a Data Protection Officer to oversee, advise and monitor compliance and at the same time the business will take necessary decisions to implement any new process or tools that are deemed appropriate to support the GDPR process and ensure ongoing delivery of objectives.