All businesses have had to reassess their privacy policies and procedures in line with the new GDPR regulations coming into force in May 2018.
Green Mop has always taken privacy and data security very seriously, so we didn’t have much work to do to ensure we are compliant. We did, however, have to document all that we do. And we added a few layers of security to our IT set up to ensure all was robust.
We also documented all the Technical Measures we have in place to protect customer and staff data, added a Data Retention Policy document, and our employee handbooks were updated and reissued.
As Green Mop Ltd is a B2B company, we were not sure if our customer data was subject to the new regulations as it is about personal data. We took a decision to apply the same policies and procedures to that information as we do to any other personal info. It’s best practice anyway to not hold any information that is no longer required, but it mainly limited to contact details.