Cymphony and GDPR: Protecting Your Personal Data

Cyphony and GDPR

We take our responsibilities under GDPR seriously. That’s why we embarked on a programme to identify which measures we needed to implement and we are now fully compliant with GDPR regulation. Here is a quick summary of what we did:

  • We carried out a comprehensive GDPR audit assessment.
  • We have implemented an internal GDPR training program to ensure all of our staff are aware of what GDPR requires and how it impacts their day-to-day roles.
  • We conducted a data-mapping exercise to discover where all information within our organisation sits.
  • We reviewed our key third-party vendor arrangements and made the move to ensure all information is centralised, known and easily accessible.
  • We’ve refined procedures to deal with some key data subject rights, like subject access requests and the right to request deletion. Full information can be found by viewing our Privacy policy.
  • We Updated our external-facing policies to be GDPR compliant and published those updated policies ahead of the GDPR effective date – see our Privacy policy for further details.
  • We have updated our data breach procedures to bring them in line with GDPR.