General Data Protection Regulation (GDPR) Center
The European Union’s General Data Protection Regulation (GDPR) protects European Union data subjects’ fundamental right to privacy and the protection of personal data. It introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance.
How is UTC Hub tackling GDPR?
Data privacy and safeguarding is our number one priority and is our first consideration when developing new features for UTC Hub. This article explains the steps we have already taken and are taking to become GDPR compliant. We have initiated and/or completed several projects focusing on the processing of customers’ personal data. These projects include, but are not limited to:
- Undertaking a Data Protection Impact Assessment (DPIA) and GDPR readiness assessment.
- Creating a record of all personal data processing activities.
- Obtaining, documenting and maintaining a legal basis for each processing activity that we carry out.
- Creating a procedure for notifying third parties when customer data needs to be deleted.
- Creating policies and procedures to respond to data rights requests.
- Appointing a Data Protection Officer.
- Introducing more data notices throughout the platform informing users who their data will be visible to.
- Ensuring that all personally identifiable data is encrypted at rest and in flight.
- Adding the ability for website visitors to opt in or out to cookies that we use, such as Google Analytics.
- Producing a public version of our internal security policy to explain how your data is kept safe.
- Putting in place a Breach Notification Plan.
- All UTC Hub employees are DBS checked and go through safeguarding training. Access to data is strictly limited to employees that require it.
Upcoming projects include:
- Upgrading monitoring systems to track, limit and log all data access by UTC Hub employees.
- Scrubbing all log files of personally identifiable information.
- Carrying out extensive penetration tests to highlight and resolve any vulnerabilities.
- Setting up an intrusion detection system across our databases to monitor for malicious activity.
- Completing external, independent review of our data protection and safeguarding processes.
All future development of new modules and features for UTC Hub will be preceded by a Data Protection Impact Assessment (DPIA).
We will continue to update you as and when these projects have been completed. Please feel free to refer back to this article and be sure to look out for in-app messages and email communication.
If you have any questions please contact the team on 0203 637 7160 or at firstname.lastname@example.org.