How is Accountor complying with the GDPR
Our personnel is trained and aware of the data protection requirements. The specific GDPR training is mandatory for all Accountor’s employees.
We have defined processes, detailed guidance and interpretations on, inter alia,
- individual’s rights
- data breach management
- data protection impact assessment
Specific data protection clauses are incorporated into our agreements for customers and business partners. We are committed to ensure that our business partners are compliant with the GDPR.
Since the security attacks are continuously getting stronger, it means that our security must be constantly monitored in order to stay protected from evolving threats. The impact and risks of personal data processing are assessed before starting processing and thereafter when needed, so that data protection is embedded into and maintained in all operations.
Furthermore, we are building data protection safeguards into our products and services from the earliest stages of development. We are currently in a process to build Group level Information Security Governance framework to harmonize information security activities in all business operations and units.
Information security activities are documented appropriately and reviewed on a regular basis.