ActiWay and GDPR
On May 25th, 2018, the new General Data Protection Regulation (GDPR) replaces the Swedish Privacy Act/Personuppgiftslagen (PUL). The new regulation aims to ensure equal management and protection of personal data in all EU member states and will be a mandatory law.
Secure management of personal data has always been key for us at ActiWay, which is why we embrace the new regulation. Since we manage personal data, we will ensure that we take responsibility for protecting your employees’ personal data and integrity in a correct and secure way.
In conjunction with the new regulation, we have started taking an inventory of what personal data we collect and to what end. We do this to ensure that we only collect personal data that is important to our service. We have also clarified our routines regarding how we report incidents related to personal data.
The new regulation also requires all organizations with more than 250 employees, and other organizations that manage sensitive personal data, to appoint a data protection officer, DPO. In the instances where a customer is subject to the new regulation, we will collect information to identify who their data protection officer is.