Connect Academy

The following explains the role of Connect IT as a service provider in relation to the GDPR regulations which come into force on 25th May 2018.

If you wish to review our personal data policy for Connect IT with regard to you as a client, please review our privacy policy.

Terminology and roles

GDPR defines a number of roles which determine responsibility and the guidelines for handling of personal data:

Data controller - This refers to a Connect IT client who is the operator/owner of any website, application or product that Connect IT has developed, hosts and/or supports.

Data processor (or data sub-processor) - This refers to Connect IT, as we are a party to personal data through providing our solutions.

Responsibility and obligations

All Connect IT customers are responsible for their own adherence to GDPR. It is not the responsibility of Connect IT to enforce or implement any rules or changes for data controllers (i.e. our customers).

Connect IT, as data processors, shall provide sufficient technical and organizational measures that meet the GDPR guidelines for data processors. This is to ensure that any handling of any data on our clients' behalf is confidential, secure and responsible. We may disclose data to service providers who render solutions to us or our customers, all of which are contractually obliged to act only on our instructions and in accordance with applicable laws, including GDPR.

Website, application, and product changes to become GDPR-compliant

The GDPR laws which have come into effect are globally impactful, being law in the UK and EU countries. Furthermore, other countries which serve UK and EU citizens are also required to adhere to the same guidelines.

As such, any website, application or software developed prior to GDPR coming into effect on 25th May 2018 may require further changes to ensure compliance with the guidelines and with how they specifically apply to each client.

These changes may be subject to additional investigation & development charges as advised by Connect IT on a case-by-case basis due to the diverse rules and nature of the website/application/software/product.

Review and change process

The extent of changes required will depend on several factors:

The type of data captured and stored by your website/application/software (i.e. is it personally identifiable, is it sensitive)

The intended usage for that data (i.e. for order processing, marketing, promotions etc)

How the data is captured (by online enquiry form, by user registration etc)

The length of time and legal basis for storing this data (i.e. stored for 6 years due to HMRC invoice and tax purposes)

We advise the following:

Client should initially involve their Data Protection Officer (if appointed/applicable)

Client should review and formalize their own GDPR policy wording and make key decisions on the above factors, such as data capture methods, intended usage, retention period and security. Existing processes may need to be reviewed and revised in line with GDPR.

Client to make their policy available via their website, email signature and other communication forms

Connect IT to review the website/application/software/product to determine which areas contravene the agreed GDPR policy

Connect IT to recommend technically feasible solutions to ensure GDPR compliance

Connect IT to estimate costs for implementation where applicable

Client to instruct Connect IT to proceed

Data Subject Rights

GDPR includes several data subject rights which data controllers are obligated to respect.

In the first instance, it is the responsibility of the data controller to respond to all requests and to fulfil them where possible, via any content management system (CMS) or administration area.

As a service provider (data processor), Connect IT may be required to manually intervene to technically carry out certain tasks not available through the existing CMS/Administration. All manual requests will be carried out for customers who are covered by an agreement. Otherwise, requests will be chargeable at our standard agreed hourly rate.

The data subject rights that Connect IT can manually assist with are as follows:

The right to ask for a copy of data - typically provided as a comma-separated values file (CSV)

The right to ask to correct any data - such as errors, mistakes or inaccuracies

The right to ask for data to be removed - includes audit records

Data handling

Retention & backups

Connect IT, as a data processor, retain backups for 3 months for the purpose of providing restoration of data in the event of a disaster recovery scenario. These backups are stored securely and accessible only via an encrypted platform.

Data breaches

Connect IT, as a data processor, will comply with the GDPR guidelines surrounding data breaches, such as notification of customers within 72 hours of a breach being detected. Further details can be found here: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/

Data security

Connect IT recommend that all websites/applications/products are operated under a secure https:// connection to ensure encryption is in place to secure data in transit.

Specific data encryption is implemented on a case-by-case basis, depending on the level of sensitivity of the data and any specific requirements or instructions from customers (data controllers).