GDPR

essensys’ commitment to data protection

At essensys, we recognise the importance of the data we collect and process on behalf of our customers. essensys’ robust privacy and security program meets the highest standards in the industry. essensys is consistent with ISO 27001 and ISO 9001.

what customer should do

Get buy-in and build a team

  • Raise awareness of the importance of GDPR compliance with organization leaders
  • Obtain executive support for necessary staff resources and financial investments
  • Choose someone to lead the effort
  • Build a steering committee of key functional leaders
  • Identify privacy champions throughout the organization

Assess the organisation

  • Review existing privacy and security efforts to identify strengths and weaknesses 
  • Identify all the systems where the organization stores personal data and create a data inventory 
  • Create a register of data processing activities and carry out a privacy impact assessment for each high-risk activity
  • Document Compliance

Establish controls and processes

  • Ensure privacy notices are present wherever personal data is collected
  • Implement controls to limit the organization’s use of data to the purposes for which it collected the data
  • Establish mechanisms to manage data subject consent preferences
  • Implement appropriate administrative, physical, and technological security measures and processes to detect and respond to security breaches
  • Establish procedures to respond to data subject requests for access, rectification, objection, restriction, portability, and deletion (right to be forgotten)
  • Enter into contracts with affiliates and vendors that collect or receive personal data
  • Establish a privacy impact assessments process
  • Administer employee and vendor privacy and security awareness training

Document compliance

  • Compile copies of privacy notices and consent forms, the data inventory and register of data processing activities, written policies and procedures, training materials, intra-company data transfer agreements, and vendor contracts
  • If required, appoint a data protection officer and identify the appropriate EU supervisory authority
  • Conduct periodic risk assessments

arrow-up

essensys plc is a public limited company registered in England and Wales. Registered Office: Aldgate Tower, Leman Street, London, E1 8FA. essensys Inc is a Delaware company. Registered Office: 450 7th Avenue, New York, NY 10123. Access our Complaints Policy, Code of Practice & Compliance

© 2020 essensys. All Rights Reserved.

Contact us
London

Aldgate Tower
2 Leman Street
London
E1 8FA

 

New York

Nelson Tower
450 7th Avenue
New York
10123

 

Los Angeles

2450 Colorado
Ave #1007
Santa Monica
CA 90404

 

Name

blurb