One month on from the GDPR’s go live, we wanted to mark where Jigowatt stands on Data Protection. Clients should also know what to expect data protection-wise in the coming months. Put simply, we need to work together.
We have updated the Jigowatt data protection page, with our upfront Privacy Notice (link to webpage). Backing that up is our overall Data Protection Policy, again updated for GDPR (link to webpage)
While not troubling the website updaters, there’s still a bunch of policies, procedures, paperwork and actions that are keeping us busy protecting the personal data that our clients trust to us.
In fact, that’s the most important thing.
Jigowatt hosts and processes data only according to what our clients want. And clearly, irrespective of notices, policies, procedures and all the rest, the key is working together. Jigowatt is a ‘Data Processor’, and that means we need to be sure we are doing what our clients want. And that it’s the right thing by the GDPR!
Hence over the period to come we’ll be talking more about data protection to our clients. The main purpose is to see how we can best work together to ensure the continuing security, confidentiality and integrity of the personal data held. Our clients face the customer. The customer need not know anything about what goes on in the background, except to be sure that their personal data is safe.
Of course, under the GDPR, there are distinctive roles. While Jigowatt is the Data Processor, our clients are the Data Controllers. It’s the Data Controllers who decide why we collect people’s personal data, what data to collect, how long it’s needed for etc.
So with this Data Processor/ Data Controller dichotomy, we need to discuss what one might call the ‘division-of-responsibility’ issues e.g:
– how to respond to data access requests
– how to identify which types of data are held, by whom, where etc
– how to deal with any issues at all affecting personal data
– what other measures might be needed to be sure of continued GDPR-compliance.
All of these and more will prove necessary ongoing steps to satisfy our clients’ customers that their personal data is safe. No doubt the regulator might at some point want to be satisfied too. So let’s work together.
Are you clear about GDPR and your customer data responsibilities? Contact me at firstname.lastname@example.org