GDPR Statement For Dynacom IT Support Limited
On May 25, 2018, the General Data Protection Regulation (GDPR) is fully enforceable across the European Union (EU), creating a higher standard for data protection, privacy, and security for the processing of personal data from the EU. The GDPR applies to the processing of personal data regardless of where that takes place in the world, and impacts any company that handles personal data of EU citizens and others within the EU
GDPR is focussed on the personal data of a data subject, defined as “a natural person whose personal data is processed by a controller or processor” rather than being aimed at business to business data. However, since the new regulation provides little in the way of prescriptive direction on achieving and maintaining compliance, employing best practices for all data storage (both digital and hard copy) is highly desirable. As such the data protection policies at Dynacom have always been focussed on securing the data we store on your behalf.
All our company data is encrypted both at rest (in our cloud storage and on local devices) and in transit. For particularly sensitive information (such as accounts and password stores) this is encrypted using a secondary method prior to upload to storage to ensure data integrity for these sensitive files. Storage of data on external attached devices (hard drives, USB sticks) is kept to an absolute minimum and drive encryption used where necessary. Strong passwords and multi-factor authentication is used on systems with sensitive data.
We use a number of services form outside organisations in the course of our business. We are expecting them to be GDPR compliant and have been closely following their journey to compliance. For services such as Office 365, Solarwinds MaxBackup and Barracuda ESS, following the below links will take you to those supplier’s GDPR plans and compliance statements.
GDPR Roles and Employees
Even though it isn’t necessary as part of the new regulations, because we take data security seriously Dynacom has a designated Data Protection Officer (DPO) with responsibility for developing and maintaining compliance with all data protection legislation. The DPO is responsible for promoting awareness of the GDPR across the organisation, assessing GDPR readiness, identifying any areas requiring improvement and implementing new measures and procedures.
Dynacom recognises that continuous employee awareness and understanding is vital to the continued compliance of the GDPR and employees have been given guidance and trained in best practices.
If you have any questions about our preparation for the GDPR, please contact our Data Protection Officer (DPO) at DPO@dynacomitsupport.co.uk.
Microsoft Trust Center:
Solarwinds (remote monitoring and backup):
Barracuda (e-mail antispam, antivirus and ATP):
UKFast (hosted servers):
BeyondTrust Secure Remote Access Software:
Our BeyondTrust remote support appliance is a physical device located at our offices. Significant hardware and software updates have been applied to ensure it is secure and to provide the ability to set policies on the appliance to maintain compliance. We will be in contact to explain these enhancements and the additional options provided, particularly for unattended connection to workstations, laptops and tablets via the jump client technology. BeyondTrust’s own GDPR policy can be found at the following link.