<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1213997082030178&amp;ev=PageView&amp;noscript=1">
Menu
BOOK FREE DEMO

General Data Protection Regulation

Introduction

The GDPR is a new regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union, aiming to give control back to citizens and residents over their personal data. It comes into effect on 25th May 2018 and although multifaceted is can be summarized with three main aims:

  • Privacy by Design - Organizations must implement appropriate security measures around all data processing activities, and any new activities should be risk assessed for privacy and security at the outset.
  • Enhanced Rights - In addition to existing rights, additional rights are now afforded to individuals such as the right to transfer personal information, and the right to be forgotten.
  • Demonstrate Compliance - Companies must be able to document and demonstrate compliance through their internal records, policies and procedures.

At Tharstern we take security of both company and personal data very seriously and welcome the opportunity that GDPR brings in further emphasizing the importance of good data management practice and the privacy rights of individuals. As such we are committed to achieving and maintaining compliance with this new regulation.

What Tharstern are doing to prepare for GDPR

Tharstern have embarked on an internal programme to identify which measures we need to implement to be compliant with GDPR, and are working to implement them ready for the deadline.

  • We have conducted an internal data audit and are documenting our data maps and flows.
  • We are refining our internal operating procedures and processes in respect of data management and security.
  • We are reviewing our internal policies across the business, but with specific attention in regards to HR, IT and data protection.
  • We have updated our internal education programmes to deliver additional data protection and GDPR related training to all staff.
  • We have reviewed our internal IT infrastructure and systems and are carrying out a range of improvements and upgrades.
  • We are reviewing our customer and key third-party vendor agreements to make sure that the appropriate contractual protections are in place to satisfy GDPR requirements.

What Tharstern are working on in our product to help our customers with GDPR

  • To support the right of individuals to request a copy of the personal data you hold we are working on a set of Crystal Reports that will enable you to report on, and present, the data held in your Tharstern database on individuals such as supplier / customer contacts, and also internal users and operators.
  • To support the right of individuals to be forgotten, we are working on a mechanism to allow you to delete and/or anonymize personal information, for any specified individual, that is stored in the Tharstern database.

We are adding to, and updating this information on a daily basis so please keep checking back here for the latest updates and FAQs.

Hosted Solutions

Additional information for users of our hosted Business Intelligence solution:

  • In this regard, we act only as the Data Processor.
  • This is hosted on Microsoft Azure in the West Europe region and data for our EU customers does not leave this region. Although this solution is already very secure we are continually working to increase and improve security on this platform to ensure that all data is in encrypted in transfer, storage, retrieval and backup.
  • For more information about Microsoft’s approach to compliance with GDPR check here (https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx)

 
Additional information for users of our hosted Primo LIVE / Tharstern App software:

  • In this regard, we act only as the Data Processor.
  • This is hosted on Microsoft Azure in the West Europe region and data for our EU customers does not leave this region. Although this solution is already very secure we are continually working to increase and improve security on this platform to ensure that all data is in encrypted in transfer, storage, retrieval and backup.
  • For more information about Microsoft’s approach to compliance with GDPR check here (https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx)

FAQ

Have Tharstern appointed a Data Protection Officer?

No. Due to our size, and the nature of our business we are not required to appoint a Data Protection Officer.

DISCLAIMER

The information contained on this website is for guidance purposes only. It should not be taken for, nor is it intended as, legal advice. We would like to stress that customers should make their own detailed investigations and seek their own legal advice if they are unsure about the implications of the GDPR.

While we have made every effort to ensure that the information provided on this website is correct and up to date, Tharstern cannot make promises as to the accuracy and this information is delivered on an “as is” basis without any warranties, express or implied.  Tharstern will not accept any liability for errors or omissions and will not be liable for any damage (including, without limitation, damage for loss of business or loss of profits) arising in contract or otherwise from the use of or reliance on this information or from any action or decisions taken as a result of using this information.

GDPR

The GDPR is a new regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union, aiming to give control back to citizens and residents over their personal data.