The European General Data Protection Regulation (GDPR) came into effect on May 25th 2018. This important text creates new obligations for the companies that process personal data, like A PLUS C. The GDPR also establishes new rights for the people affected by these data, particularly the right to oblivion and the right to data portability.
As of now, A PLUS C has taken all the measures to ensure compliance with the GDPR, and therefore offers its services in a secure and clear legal framework. Since the beginning of its activities, personal data protection is of the utmost importance to A PLUS C, and the entry into force of the GDPR constitutes a way to reinforce this protection in favor of the customers of A PLUS C and, ultimately, of the people affected by these data.
Among the measures taken by A PLUS C to ensure compliance with the GDPR, the following may be acknowledged
the establishment of a clear contractual framework, where the obligations and responsibilities of A PLUS C and its customers regarding the collecting and processing of personal data are clearly defined.
It should be noted that, as part of the services offered to its customers, A PLUS C acts as a subcontractor. Therefore, it is the responsibility of these customers to ensure that their operations comply with the GDPR, particularly when it comes to operations that have to do with collecting personal data, that are transmitted to A PLUS C afterwards ;
the creation by A PLUS C of a register of processing operations, identifying and updating all the operations made on the personal data that are transmitted to it ;
the approach to ensure that personal data are secure in order to reduce the risk of breach as much as possible, and the establishment of an information protocol from the CNIL in case of a breach ;
the designation of a Data Protection Officer (DPO), who is in charge of internally making sure that the data protection policy of A PLUS C is respected, and of providing an interface with the CNIL
The data protection policy of A PLUS C is explained here and we invite anyone interested in the services provided by A PLUS C to refer to it. If you have any questions on this policy or on any subject linked to the way A PLUS C complies with the GDPR, you can contact us by sending us an email (firstname.lastname@example.org) or by calling us.