What is GDPR about?

Standing for General Data Protection Regulation, GDPR is the new data protection framework implemented in European Union (EU) starting 25 May 2018.

GDPR affects any organisation that processes the personal data of EU data subjects, irrespective of whether it operates or processes data within or outside of EU.

As a processor of personal data with a strong commitment to privacy, Impressius has initiated a GDPR study and various initiatives over the last few months to achieve compliance. This also included consulting a GDPR officer.

What Impressius aims for under GDPR

We’ve been hard at work getting up to speed with GDPR. Many initiatives have been implemented before this article is published, while even more are underway, an never-ending process that works towards stronger data privacy.

Our GDPR goal is to allow our clients and franchisees to use Impressius service confidently while complying with GDPR from the onset.

What has Impressius done to prepare

We’ve undertaken the following GDPR initiatives to comply with the regulation and protect our customers’ and users’ information:

  • Mapped a record of all personal data processing activities and flow
  • Verified the GDPR readiness of third-party vendors, with signed data processing addendums
  • Built-in procedures and processes to respond to data right requests e.g. request to erase data
  • Appointed a data protection officer
  • Made available a Data Processing Addendum for all Impressius customers
  • Improved security for Impressius’ IT system and databases
  • Established a Breach Notification Plan
  • Updated our data privacy, protection and retention policies, and terms and conditions for Impressius websites, apps and chatbots, all of which you can access below:
    • Data privacy and cookies policy for Impressius websites
    • Data privacy policy and Terms & Conditions for Impressius web app
    • Data Protection Policy for Impressius websites, web app and chatbots
    • Data Retention Policy for Impressius websites, web app and chatbots

Impressius’ commitment to you and the protection of your data started before GDPR and will continue to strengthen over time. We’re in for the long haul. Feel free to reach out to us at gdpr@impressius.com if you have any question about:

  • Your rights under the GDPR as our customer or licensee
  • Engaging Impressius in the post-GDPR world