CLA has recently made some changes to make sure that we are GDPR compliant. Note that all data is being stored within the UK. Below is some detail on how we protect data.
Data Storage
- Whilst DCS data my be processed outside of the EEA (our developers are based in Canada for example), our data servers are stored in the UK, in an Azure Cloud server.
Terms and Conditions
- In the event that CLA changes the T&Cs for the DCS, all users will have to re-confirm that they accept them. Note that all DCS primary users will be notified before any change to the T&Cs is made
Personal Data, Cookies and Privacy Policy
- You will see that there are some new tool tips highlighting areas in the DCS where personal information should not be entered. One example is the 'notes' section of the requests pages
- You will now see cookie consent pop-ups on all DCS related pages
- CLA's Privacy Policy, which includes Cookie information, is available on every page
Deleted users and data
- Where you could previously archive users, you will now be able to choose between deleting or archiving them. Deleting a DCS users means that their data will be removed from all related sections of the DCS, including reports. Deleted users will be referred to as 'removed user' throughout the system. All DCS users have the right to be forgotten, and may ask to be deleted.
- All deleted data is fully expunged after 12 months.
Comments
0 comments
Please sign in to leave a comment.