Just2easy Limited and EU GDPR (General Data Protection Regulation)
GDPR becomes enforceable from May 2018 and whilst many of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA) it also introduces a number of new, more stringent data protection rules with which we must all comply.
Just2easy Limited fully complies with both the DPA and GDPR, having had all of our products accredited on the UK Government G Cloud Frameworks for several years.
Our Senior Management Team are fully aware of GDPR and the impact this is likely to have on both Just2easy and the education industry in general.
We have appointed a Data Protection Officer who is suitably qualified and experienced in this area.
We have made all our staff aware of the new Regulation and what this means to us through GDPR awareness sessions.
We have conducted an audit of all personal data we hold or process, where it comes from and who it is shared with
We have reviewed the legal basis for all personal data processing to ensure we are compliant and to ensure that, if required, we have the appropriate consent in place.
We have reviewed and updated our policies and procedures to ensure that we comply with all the rights of individuals under GDPR including processes for secure data deletion, handling Subject Access Requests etc. See our Privacy Policy and Terms and conditions policy for more information.
We have, for several years’, ensured that we have data protection by design woven throughout our processes and we continue with this. We have also conducted new Data Protection Impact Assessments across the company.
We believe that compliance with GDPR will help to strengthen and unify data protection rules across Europe and will undoubtedly help protect the vast amounts of personal data that is processed in the education industry.
Being fully compliant with GDPR is not simply an aim for Just2easy, but a commitment through which we will protect all personal data we process in the best way possible at all times.