Wandsoft and the General Data Protection Regulation
The General Data Protection Regulation (GDPR) is a piece of legislation designed to strengthen and unify data protection laws for all individuals within the European Union. It will become effective and enforceable on the 25th May 2018.
Wandsoft is fully committed to achieving compliance with the GDPR.
What is Wandsoft doing about the GDPR?
As a responsible data-processor, we started to dedicate internal resources to the GDPR in April 2017, and here is an outline of the status:
- We researched the areas of our product and our business impacted by GDPR;
- We have reviewed the requirements to address the areas of our product impacted by GDPR;
- Our data-centres are located in Ireland, so our clients are not impacted by data leaving the EU while using Wandsoft CRM;
- We have internal procedures and training in place to minimise our access to our clients data;
- We have built-in functionality so our clients can monitor our access to their CRM during maintenance;
- We are security conscious and we use encryption on most processes;
- We have modified our built-in documentation and added a number of notices within the system to start training our clients;
- We have reviewed data-controllers/data-processor contracts;
- We have made changes and improvements to our product to ease our clients' GDPR related workload;
- We have made changes to our internal processes and procedures to achieve and maintain compliance with GDPR;
- We have reviewed contracts and security arrangments with our data-centers;
Status: In progress
- We are preparing a breach communication procedure;
- We will test all of our changes to verify and validate compliance with GDPR;
What changes is Wandsoft making to be GDPR Compliant?
We are improving anonymity within the system.
We are making changes to allow our clients to tailor how they request consent.
We are adding a series of screens and functionality to address retention periods, requests from your customers related to their rights for accessing any personal data that might stored in your Wandsoft CRM.
We are adding functionality to be more transparent about the maintenance work carried ou by Wandsoft.
We are adding a full GDPR add-on to manage your data register:
- Audit of all IT assets with indication as to whether assets are encrypted
- Management of staff and contractor
- Training management so you prove your staff was trained for data potection;
- Asset allocation so you know who is using what and ensure data is encrypted
- Full data audit
- Privacy impact assessment (threat analysis and business impact)
- Register to log request for information and any GDPR impact
- Document management for procedures and policies
We are confident these changes will address the requirements of GDPR.