Wills Ridley Ltd - GDPR Summary

 

Wills Ridley Ltd welcomes the introduction of GDPR in May 2018. Wills Ridley has always taken all information security seriously including that of personal data regardless as to whether Wills Ridley is acting in the capacity of Data Processor or Controller.

 

In terms of GDPR, Wills Ridley has been working towards being fully compliant throughout 2018 in order to ensure that Wills Ridley clients can be certain that they are dealing with a fully compliant GDPR organisation. This compliance work is currently ongoing and Wills Ridley hope this work will conclude prior to the 25th May 2018 date for introduction of the regulation.

 

Wills Ridley will be providing documentation to clients detailing how Wills Ridley as an organisation is fully compliant with all aspects of the GDPR.

 

Assessment

 

Wills Ridley has assessed the GDPR and matched its own activities against the requirements for Data Controllers and Data Processors as appropriate.

 

Wills Ridley is:

 

· A Data Controller of its own employee data

· A Data Controller or Data processor of both data acquired within its day to day business and third-party data acquired where appropriate

· Registered with the Information Commissioners Officer

 

A public document will be made available that details the policies and activities that Wills Ridley employs matched to the clauses of the GDPR should any client have a detailed question in respect of compliance.

 

Wills Ridley data is hosted solely in UK/EEA data centres for the purposes of backup and archiving.

 

Activity

 

Wills Ridley is amending its activities and associated policies and procedures as necessary in order to fully comply with GDPR following a thorough assessment.

 

Wills Ridley has a documented Data Breach Policy, a Lawful Bases for Processing Policy, a Legitimate Interest Policy and a Data Protection Policy.

 

The Wills Ridley website is being updated so that clients have the assurance that they will be contacted and treated in accordance with GDPR requirements. The website will contain Wills Ridley’s Privacy Policies clearly identified as well as a direct contact for Wills Ridley’s Data

Processing Officer (DPO)

 

Wills Ridley views the GDPR as an ongoing process and is committed to ensuring that any changes to the GDPR will be reflected in its working practices and policies going forward.