The General Data Protection Regulation (GDPR), the EU’s new privacy law that replaces the Data Protection Directive 95/46/EC, aims to bring order to a patchwork of privacy rules across the EU. GDPR will be enforceable as law in all EU member states on May 25, 2018. If you would like to read more about this regulation please find it here: http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN
The GDPR is European legislation designed to harmonize data protection across the EU. It imposes new regulations for companies to protect consumers regarding data processing, access, and security, in addition to tougher enforcement for breaches of the rules.
The GDPR was created around six core principles for personal data and the belief that personal data should be:
- Lawfulness, Fairness, and Transparency – Processed lawfully, fairly, and in a transparent manner in relation to individuals.
- Purpose Limitation – Collected for specified, explicit, and legitimate purposes and not processed beyond those purposes.
- Data Minimization – Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
- Accuracy – Accurate and, where necessary, kept up to date.
- Storage Limitation – Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
- Integrity and Confidentiality – Processed in a manner that ensures appropriate security of the personal data.
The GDPR contains several new protections and threatens significant penalties for non-compliance. In addition, there are new security, recordkeeping, access rights, and notification procedures that companies must implement to ensure compliance. Issues that are attracting particular attention include increased administrative requirements and the need to provide the tools necessary to meet the numerous obligations on both controllers and processors.
GDPR and Electro-Glo Distribution Ltd
Electro-Glo Distribution Inc. takes its legal and regulatory obligations seriously. Moreover, we take data privacy and security very seriously. We are constantly working to ensure we collect, process, and share the data we deal with in a lawful, transparent manner. To that end, we wanted to share with the Electro-Glo Distribution Inc. community some information about Electro-Glo Distribution Inc.’s practices and procedures related to data collection and GDPR compliance.
Security
Where possible we’ve increased our data acquisition, data processing and site visitor security to ensure requirements of the GDPR are effectively met.
Examples of our security measures include (but are not limited to):
- Secure domain hosting
- Secure for data storage and processing through a Customer Relationship Management (CRM) system
- Secure server encryption (HTTPS)
- Strict internal data handling policies
We are always looking to find new ways to ensure the level of security of personal data is appropriate to the level of risk, and to help ensure the protection of the rights of individuals.
Sub-processors
- Google Analytics
- Google Ads
- Facebook Advertising
- WordPress
- HubSpot CRM
- Stripe
- QuickBooks
GDPR Contract Update
Both Electro-Glo Distribution Inc. (processor) and its customers (controllers) are jointly and separately responsible for certain actions under the GDPR. Therefore, the GDPR requires shared responsibility to protect an individual’s privacy rights. GDPR Article 28 requires that a contract be in place between a controller and a processor. Electro-Glo Distribution Inc.’s Terms and Conditions provide the fundamental legal requirements and obligations regarding data ownership, confidentiality, processing responsibilities, and more.
However, if a customer of Electro-Glo Distribution Inc. desires to update their agreement with Electro-Glo Distribution Inc. with any GDPR-specific language, please contact privacy@electro-glo.com