As a small digital media and publishing company dedicated to maintaining the highest standards of data protection and privacy, we are committed to ensuring full compliance with the General Data Protection Regulation (GDPR). We understand the importance of safeguarding the personal data we process and are proactive in implementing robust technical facilities and measures to protect the rights of data subjects.
• Confidentiality, Integrity, Availability, and Resilience of Processing Systems and Services:
We employ secure cloud-based services with strong encryption for data storage and transfer, ensuring the confidentiality and integrity of personal data.
Our systems are designed with redundancy and failover capabilities to maintain availability and resilience.
Regular software updates and patches are applied to protect against vulnerabilities.
Access to personal data is restricted to authorised personnel only, through role-based access controls and multi-factor authentication.
• Compliance with the Rights of Data Subjects:
We have clear procedures in place to respond to data subjects’ requests within the stipulated GDPR timelines, ensuring their rights to access, rectification, deletion, and portability of personal data are upheld.
Our privacy policy, easily accessible on our website, transparently outlines how personal data is collected, used, and protected, including the contact information for data subjects to exercise their rights.
• Legal Safeguards for Transfers of Personal Data Outside the EU:
In the unlikley event of transferring personal data outside the EU, we ensure compliance with GDPR by relying on aStandard Contractual Clauses (SCCs) as appropriate legal mechanisms to safeguard such transfers.
• Maintenance of Records of Personal Data Processing Activities:
We maintain detailed records of processing activities as required by GDPR, including the nature of the data processed, processing purposes, data sharing, and retention periods, ensuring transparency and accountability.
• Regular Testing, Assessment, and Evaluation of Technical and Organisational Measures:
Our approach includes regular security assessments to identify and mitigate potential vulnerabilities in our systems and processes.
We conduct periodic reviews and audits of our data protection policies, procedures, and technical measures to ensure they remain effective and compliant with GDPR.
Employee training sessions are held regularly to reinforce the importance of data protection and to update our team on any changes in compliance requirements or best practices.
By implementing these measures, we are confident in our ability to protect the personal data we handle and ensure ongoing compliance with GDPR. Our commitment to data protection is integral to our operations and we continuously seek to enhance our systems and processes to align with best practices and regulatory requirements.
