We’re based in Colombo, Sri Lanka – but we’re clued up on what GDPR means for our European clients and have taken necessary steps to be compliant. Here’s a summary of our plan for compliance:
- Staff training
Every member of our team has completed GDPR training which we refresh every 6 months. You can contact our Data Protection Officer for any queries at firstname.lastname@example.org
We’re updating all our client contracts to include GDPR clauses including annexed model clauses released by the EU to help companies based outside of the EU continue to operate.
- Physical security
Data stored on remote servers is always with global brands with compliance procedures as well as physical and digital security measures.
- Downstream contracts
We only work with GDPR compliant providers for hosting and other technology services. That means they are either EU based, are part of the US Privacy Shield initiative or we a contract in place which includes EU model clauses for GDPR compliance.