Free Trial
Mobile Menu

Data Privacy Compliance


Data privacy is a crucial aspect of Relative Insight’s business operations – we take it seriously in order to protect the personal information of their customers and employees. With the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Regulation (CCPR), companies must comply with strict rules and regulations to ensure the privacy of individuals’ personal data. One of the key requirements of these regulations is having a full-time Data Protection Officer (DPO) and safeguarding data from loss or theft.

Relative Insight has appointed a dedicated, full time DPO to ensure that Data Privacy obligations are met.

 

EU GDPR and California Consumer Privacy Regulation Requirements

EU GDPR and CCPR share several similarities in their requirements for data privacy compliance. They both require organisations to:

  • Obtain consent: Organisations must obtain the consent of individuals before collecting, using, and sharing their personal data. This consent must be explicit and freely given.
  • Provide transparency: Companies must provide individuals with clear and concise information about their data collection, processing, and sharing practices.
  • Respect data subject rights: Individuals have the right to access, correct, and delete their personal data. Organisations must also respect the right to data portability, which allows individuals to transfer their data to another organisation.
  • Protect data: Companies must implement technical and organisational measures to ensure the security of personal data. This includes measures to prevent loss, theft, and unauthorised access.
  • Appoint a Data Protection Officer: Organisations must appoint a full-time Data Protection Officer (DPO) who is responsible for overseeing data protection and privacy compliance.

Relative Insight complies with all of these requirements

 

The Role of the Data Protection Officer

The DPO is a key figure in data privacy compliance. Their primary role is to ensure that the organisation complies with data protection regulations, such as the EU GDPR and CCPA. The DPO’s responsibilities include:

  • Advising the organisation: The DPO advises the organisation on data protection matters and ensures that all departments and employees are aware of their data protection obligations.
  • Monitoring compliance: The DPO monitors the organisation’s data protection practices and ensures that they comply with the regulations.
  • Responding to data subject requests: The DPO is responsible for responding to data subject requests, such as requests for access, correction, and deletion of personal data.
  • Conducting audits: The DPO conducts regular audits of the organisation’s data protection practices and identifies areas for improvement.

Relative Insight’s DPO carries out all of these responsibilities

 

Safeguarding Data from Loss or Theft

One of the key requirements of data privacy regulations is safeguarding data from loss or theft. Organisations must implement technical and organisational measures to ensure the security of personal data. These measures include:

  • Encryption: Encryption is a method of protecting data by converting it into a code that can only be deciphered with a key. Organisations should encrypt personal data both when it is stored and when it is transmitted.
  • Access controls: Access controls ensure that only authorized individuals can access personal data. Organisations should implement access controls that restrict access to personal data on a need-to-know basis.
  • Training: Employees play a critical role in safeguarding data from loss or theft. Organisations should provide training to employees on data protection practices and policies.
  • Disaster recovery: Organisations should implement disaster recovery measures to ensure that personal data can be recovered in the event of a loss or theft.

Relative Insight implements all of these measures