We closely work with a law firm to maintain all GDPR requirements and we will sign a GDRP agreement with you called Data Processing Addendum which describes all legal aspects of how we process clients’ data and what measures we have in place to cater legal needs.
There are specific rules and regulations in the office for all staff to protect clients’ personal data.
- Every staff member has to sign a non-disclosure agreement with GAAP Outsourcing before joining the office.
- We send password-protected emails to clients which includes clients’ personal data like Address, telephone number, Date of birth, National Insurance Number, email address, any passwords, bank account details.
- Our staff is all trained to work with documents on screen but if anything really requires printing, we have trash facilities available to make sure no personal data is in presence.
- Electronic devices such as personal mobile phones, laptops or any other data transfer devices are not allowed in the work area.
- We conduct random audits specifically with clients’ personal data to ensure security policies are adhered to.
- We have a post-graduate data manager who is always in contact with lawyers to make sure all GDPR requirements are in place.