GDPR Statement

GDPR Introduction

A new EU regulation will soon come into effect that impacts how all organisations collect, hold and process people’s personal data. The General Data Protection Regulation (GDPR) will become law on 25th May 2018 and will introduce new responsibilities that supersede the existing Data Protection Act.

Simply put, EU residents will now have greater say over what, how, why, where, and when their personal data is used, processed, or disposed of. This rule clarifies how the EU personal data laws apply even beyond the borders of the EU. Any organisation that works with EU residents’ personal data in any manner, irrespective of location, has obligations to protect the data. The regulation will remain in UK law after the UK leaves the EU.

As we approach May 2018, Addicus is focused on its GDPR compliance responsibilities. During our implementation period, we are evaluating new requirements and restrictions imposed by GDPR and will take any action necessary to ensure that we handle all data in compliance with the applicable law.

Addicus is committed to meeting any contractual obligations for procedures, products and services and is approaching GDPR compliance on four main fronts:

  • To ensure our own compliance as a company that holds and processes people’s personal data.
  • To ensure our partners and suppliers adhere to the highest standards of compliance and GDPR regulation.
  • To ensure that software applications and service solutions we use all support our customers’ own GDPR compliance efforts.
  • To ensure that our customers continue to view Addicus as a reliable and trustworthy custodian of their personal information and are re-assured by the processes, policies and procedures we have in place.

GDPR Compliance

  • Addicus are undertaking a full review of all internal security and privacy policies to ensure that all personal data within, or passing through the company, will be handled in accordance with GDPR regulations.
  • We will implement the relevant tools and practises to ensure the safeguarding of any data handled by Addicus and all of its employees.
  • Employees will be made aware of all GDPR restrictions, with the relevant training provided as necessary.
  • Compliance may involve updating or re-issuing some agreements or re-seeking active consent from you to send you marketing materials and newsletters.

Suppliers and GDPR

Addicus will undertake a review of all supplier and third party contracts and arrangements to ensure that all of our partners continue to apply the same high standards of data protection.

Software Applications

Addicus currently use a number of software solutions within which personal data is collected and stored. We are working with our suppliers to ensure that we, and our customers, are able to respond to requests for deletion, rectification and anonymisation of data as well as ‘The right to be forgotten’, where applicable.