What does my organisation need to do to become compliant?
- Store their data exclusively in GDPR compliant systems such as Pitchero
- Stop sending and storing PII via non GDPR compliant systems (unaudited spreadsheets, pieces of paper)
- Have processes in place to gain consent for the data that is stored
- Decide on appropriate retention policies for each type of data stored
- Have processes in place to respond to subject requests in a timely manner
How can Pitchero help?
- Ensure our system is compliant ahead of the May 25th deadline
- Provide a facility for you to gain consent from users of your Pitchero website
- Provide tools to help access data needed for subject requests
- Improve data security
- Provide audit information for membership database exports - so you can see who has exported what and when
- Clearly display who has access to data and provide tools to add or remove access where appropriate