19 Apr 2018 12:15 by Alexander John
Length: 1 minute, 22 seconds (275 words)
As many are aware, on the 25th May a new set of data protection rules and regulations known as the EU General Data Protection Regulations or GDPR. Although we are leaving the EU, the government has previously announced that it will be implementing GDPR in full.
In the next couple of weeks we will be updating our privacy policy and other legal documents to reflect the changes brought by GDPR and to ensure we are compliant.
Data Consent
An important aspect of GDPR is the consent to store data, especially sensitive data like usernames and passwords. Our default policy is not to store customer usernames and passwords and we strongly advocate all customers to change any passwords we have issued (for example through account signup or password reset) to values that only they know.
For some customers, typically those with ongoing support, maintenance or management packages, we do store certain items of sensitive data like usernames and passwords. This data is retained with the knowledge of those customers and is required to deliver their service package. To ensure there is a formal, compliant record of consent for storing this data, we will be contacting all applicable customers in the next week explaining what data we hold and asking for their consent to continue to store it. If we do not receive consent, or no reply from a customer by the 1st May 2018, we will delete the relevant customer data.
Additional Questions
Anyone is entitled to ask for details of the data we hold about them. To do so, please see Requests for Account Information.