The European Union’s GDPR (General Data Protection Regulations) comes into effect on 25 May 2018 with the objective of significantly enhancing the protection of personal data of EU residents by increasing the obligations of organisations who collect or process this data.
GDPR is set to become the gold standard and Intouch Relocations has embraced these changes as a new and better way of doing business.
To ensure our readiness for, and compliance with GDPR, we have implemented the following key initiatives:
Analysing our Data Flows
- We started by developing a clear understanding of what personal data we are collecting and how we are processing it, in the course of conducting our business, where and how long we are storing it, how we are either destroying it or returning it.
- We then classified the data and documented how we handle it, updating our Data Protection, Processing and Security Breach Policies.
Review of our Technical and Organisational Controls
- We have assessed our procedures, including but not limited to:
- Physical and Environmental Security
- Technical Security (workstations, server and network security)
- Business Continuity planning
- Regular assessment and evaluation of technical and organisational measures we have adopted
to ensures the confidentiality, integrity and availability of personal and sensitive data, as well as to protect against unauthorised use or unlawful processing, accidental loss, damage or destruction of transferee personal data.
IRIS (Intouch Reloctions Information System)
- Our new technology platform, IRIS, with its integrated email and document management system, is GDPR ready and includes a document audit trail
- IRIS will allow access to personal data to be tightly controlled, and data easily tracked and deleted
- Emails are fully encrypted
Supplier and Partner Contracts
- We are auditing all the contracts we have in place, updating or adding Amendments to clearly detail the obligations of our field consultants, suppliers and partners in all the countries in the Middle East and Africa in which we provide services
- We have, and will continue to provide information security awareness training to all Intouch’s employees and consultants; cascading this down through to our suppliers and partners
- Our Group Training Manager, Natalie van de Water, is developing materials for ongoing training which will be easily accessible to all
- Intouch Relocations, with its extended coverage throughout the Middle East and Africa has appointed its Africa CEO, Corallie Pringle, as Compliance Officer, to ensure that the Intouch Group successfully implements GDPR and other compliance imperatives in all the locations we have coverage in
If you would like to recieve more information about our GDPR preparedness, or request coppies of our Data Protection, Processing and Security Breach Policies, please contact us at firstname.lastname@example.org