This statement relates to the goods and services provided by the Nycomm Group (including all of its group companies) as a Data Processor and Data Handler under the EU’s General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”). The GDPR sets new standards and compliance requirements for every company that holds or processes personal data. It replaces the 1995 EU Data Protection Directive and strengthens the rights that EU individuals have over their data.
Why does the Nycomm group need to collect and store personal data?
The Nycomm Group is:
- A Data Controller in relation to its own employee data.
- A Data Controller and Data Processor in relation to third-party customer data.
The Nycomm group is required to hold customer data and information for a range of purposes, such as the completion and performance of contracts for goods and services and for marketing. All data will be held for legitimate business purposes and will be stored and processed in strict compliance with the GDPR at all times.
How does the Nycomm group receive, transmit and store information?
The Nycomm Group has reviewed its methods of storing, transmitting and receiving data, and has implemented full and effective safeguards to ensure that the necessary security is in place for all data and that such data will only be transmitted to a third party for legitimate business purposes.
Data Controllers must comply with the GDPR and must only appoint Data Processors who can provide “sufficient guarantees” that the requirements of the GDPR will be met and the rights of data subjects protected. Data Processors must only act on the documented instructions of a Data Controller. The Nycomm Group will therefore only appoint external Data Processors when satisfied that they will also fully comply with the GDPR. Under the GDPR, individuals now have the right to ‘be forgotten’, and upon request, the Nycomm Group shall delete all information pertaining to the requesting individual, subject to article 17 of the GDPR.
How does the Nycomm group deal with data breaches?
The Nycomm group has a robust and secure data security system in place to prevent any data breach. However, in the unlikely event of a data breach there are processes and procedures in place for identifying and limiting a breach, and for reviewing and promptly reporting back to the relevant controller and the ICO.
We would stress again that we have comprehensive technical and organisational security measures in place to mitigate against a data breach.