GDPR @ CA Plus
We at CA Plus Ltd have been working to ensure that we process Personal Data in accordance with Data Protection Law, namely the Maltese Data Protection Act (Chapter 440 of the Laws of Malta) as amended and, as of 25 May 2018, the General Data Protection Regulation (GDPR), the Regulation (EU) 2016/679 of the European Parliament and of the Council of the 27th of April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, the legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union.
This regulation has strengthened the rationale behind some of our existing procedures and processes, required us to strengthen others and has ensured that we place data privacy right at the forefront of our operations.
In preparation for the introduction of GDPR, we have made an assessment of our position and taken action to ensure compliance. We have audited the data that we hold, both data about our clients, prospects, suppliers and others, but also any retention of data from our clients.
We have trained all our staff about the objectives of GDPR, the obligations and responsibilities imposed by the law and the updated policies and procedures related to all things related to data protection.
We have a large number of clients, some of whom use our software products on their own premises but others use our Shireburn Indigo platform which is a hosted and managed service. Others utilize our services for managing their networking and assisting them in their IT infrastructure. All of these have different implications for everything from data processing responsibilities, data storage, data storage location obligations and data retention.
CA Plus is fully aware of the philosophy of GDPR to protect the privacy of data subjects and we subscribe to this philosophy. We will continue to place the privacy of our clients at the forefront of our activities.