GDPR Statement
Home / About us / Policies / GDPR Statement

GDPR Statement

General overview

Seriun have a cross-functional project team who have been working on our GDPR policy and implementing the strategy, to ensure all areas of our systems and processes are compliant with the new regulations that come into force on 25th May 2018.

We recognise that the security of our support function form part of the controls and processes that our customers will be required to implement to meet some of their own GDPR obligations. To support this, we have undertaken a mass review of all its policies, procedures and documentation in line with our responsibilities under GDPR.

We will shortly issue written notification to all customers, detailing variations to our contract with you, which reflect our increased obligations.

In the meantime, we would like to highlight the following:

Locations & security

  • For resilience purposes, our servers are based in multiple locations, all within the EU.
  • All centres where data is stored are ISO 27001:13 accredited.
  • Seriun LTD is ISO 27001:2013 accredited.
  • All back-ups are encrypted and links between data centres and data storage locations are 256 bit SSL links.
  • Network and server security is continually monitored, and updates are installed to servers every month.

Read more…

Access

  • Server locations have no public access.
  • Data is accessed and processed by Seriun employees on a ‘need’ basis, in order to perform their duties.
  • All Seriun employees are based within the UK.
  • All Seriun employees are trained to adhere to our strict Data Protection policies and procedures, enforced by contracts of employment.

Policies & procedures

Over the past 6 months, Seriun has reviewed all of its policies and procedures in relation to data storage, security and processing in line with the upcoming GDPR. We are now proud to say that we are ISO 27001:2013 accredited and aligned to GDPR requirements.

If you have any further questions, please contact us at info@seriun.co.uk

Lastly, if a data subject requests to exercise their right to erasure, please contact us immediately. Together we can ensure compliance with legal requirements, procedures and regulations.

 

See our full Terms and Conditions, Privacy Policy and our Cookie Policy for further information. Less