Does your board work GDPR-safely?
Boardeaser is prepared for the new Data Protection Regulation (GDPR) to come into force on May 25 so that you can work GDPR-safely.
Measures to enable you to work GDPR-safely:
- Updated data protection policy
- Updated internal security practices
- Updated terms including data processing agreements
- The rights of data subjects can be ensured
- Boardeaser meets requirements for personal data assistants
When customers of Boardeaser use the service to store personal data, this is called the data controller. This means that our customers own the information stored in the service, it is only they who have access to the personal data and those who are responsible for ensuring that they are handled correctly.
When Boardeaser provides a service where it is possible to store personal data, Boardeaser acts as a personal data assistant. Boardeaser guarantees that personal data stored in the service is protected and that there are procedures in place so that the rights of data subjects can be ensured.
Boardeaser also stores personal data, such as the names and email addresses of our customers or stakeholders. Boardeaser has therefore introduced routines for this handling to also comply with the regulations, such as that email addresses that people provide to read our newsletter are only used for this.
Take our test – is your board prepared to work GDPR-safe?
The GDPR applies to the board as well as the rest of the business in an organization. Take our test – can you answer yes to all questions?
- Are you aware of what the new General Data Protection Regulation (GDPR) means for you?Ensure that you can comply with GDPR based on your situation by reading about the basics on the Data Inspectorate’s website.
- Do you store personal data correctly?
An inventory must be made with what types of personal data are stored and where this occurs. A so-called assistant agreement must also be in place with external services. Boardeaser’s Terms of Service include a Data Processing Agreement, please see this on Settings when you log in, or on our Terms page.
- Do you have procedures in place to meet the rights of data subjects?
Data subjects have a number of rights that the controller must be able to fulfil. Boardeaser has developed procedures to ensure the rights of data subjects and also to assist our customers as counsel.
- Are there procedures in place for personal data breaches?
Procedures must be in place to be able to detect and handle any cases of personal data breaches. These must also be reported within 72 hours to the Data Inspectorate. Boardeaser has ensured procedures for monitoring and reporting personal data breaches.
- Does the organization store personal data securely?
The GDPR requires personal data to be stored securely. Boardeaser is securely built from scratch, for example, all data is transmitted and stored encrypted.
If you have answered yes to the questions above, you can feel confident that you are working GDPR-safely.
Read more about the General Data Protection Regulation (GDPR) on the Swedish Data Protection Authority’s website: datainspektionen.se