We are committed to high standards of information security, privacy and transparency, making all the necessary efforts in our ongoing preparations for the General Data Protection Regulation (GDPR):
We are amending our activities and associated policies and procedures as necessary in order to fully comply with GDPR following a thorough assessment, including a new data breach reporting procedure.
We are checking our procedures to ensure they cover all the privacy rights individuals have, including access right to their personal data, the right to erasure, portability right or the right to object to some processing activities.
We are adding supplementary safeguards in the Data Processing Agreements which we concluded with our data processors.
We are reviewing all our main business partners for compliance with GDPR paying special attention to our marketing activities providers.
We are carrying out Privacy Impact Assessments, as necessary.
We are implementing very clear data retention terms for each type of personal data based on the mandatory legal requirements (such as the Anti Money Laundering laws) for storing some categories of personal data.
Our websites will have new features for collecting marketing consents, which are being implemented so that our customers will have the assurance that they will be contacted and treated in accordance with GDPR requirements.
All our websites will contain an updated and clearly identified Privacy Policy and Cookie Policy.
All data processing activities are grounded on lawful basis.
We have a designated Data Protection Officer and a dedicated communication channel, available for all interested customers: [email protected]