Data Security
On May 25, 2018, the General Data Protection Regulation (GDPR) went into effect. The rule addresses the privacy and protection of individual data subjects' personal information.
According to the law, it is the data controller's responsibility to ensure that the data processor complies with GDPR requirements in order to remain in compliance with the regulation. This allows for the protection of personal data of individuals (data subjects) living in the European Union (EU) and the United Kingdom, regardless of where such data is processed.
Clients of Acczy Outsourcing often function as data controllers or data processors, and Acczy Outsourcing serves as a data processor or data sub processor for these clients. While the data processor processes the personal data on behalf of the data controller or, in cases where we are data sub-processors, on the processor's behalf, the data controller decides the lawful means and purposes of processing the data subject's personal information.
However, in accordance with GDPR regulations, data controllers are responsible for GDPR compliance. We, as data processors or data sub-processors, consider ourselves to be equally responsible for implementing organisational and data security policies that enable privacy by design and default, demonstrating that data processing is secured and protected at our end, and enabling data controllers or data processors, as applicable, to be fully confident about data privacy and security while sharing their or their client's data.
Acczy Outsourcing places a high priority on data or cyber security, therefore we've gone through the steps of risk assessment, security control implementation, human resource training, and confidentiality and work-from-home security measures to reduce risk.
As a company that complies with ISO 27001 (ISMS) and ISO 27701 (PIMS), Acczy Outsourcing provides outsourcing services with high data security.