Commitment to the GDPR

FreshSurf’s Commitment to the GDPR

The General Data Protection Regulation (GDPR) will apply from 25 May 2018 and is a policy that protects the rights of personal data of individuals within the EU.

While many of the principles build on current EU data protection rules, the GDPR has a wider scope, more prescriptive standards and substantial fines. For example, it requires a higher standard of consent for using some types of data, and broadens individuals’ rights with respect to accessing their data. It also establishes significant enforcement powers, allowing a company’s supervisory authority to seek fines of up to 4% of global annual revenue for certain violations.

In particular FreshSurf is committed to the following:

  • Transparency: The updated Privacy Policy is written in non-legalise English which can be easily understood and clearly defines the ways in which Personal Data is used.
  • Control: Clients and their Customers are able at any stage to request access to data that is held within our system, and if desired, deletion of this data can be requested.
  • Consent: Consent must be freely given, specific, informed and unambiguous for usage of Personal Data.
  • Accountability: All efforts are made to ensure the security of Personal Data, however in the event of a breach of data the appropriate supervisory authorities shall be informed within 72 hours of the breach.

In preparation for the GDPR, FreshSurf has updated its Privacy Policy, which should be reviewed by all of our Clients and their Customers.