The General Data Protection Regulation (GDPR) is a standard set of data protection rules for companies operating in the EU. GDPR compliant companies need to deploy high standards of data privacy and data protection rules for their clients.
We follow all the standard practices of the GDPR and we were amongst the first few companies to be a GDPR compliant company. We also have a fixed set of standard operating procedures for providing our services and
handling client data.
For all our GDPR Compliances, we are associated with Prohal, Chartered Certified Accountants. Ms. Prodipta Patel, who is the co-founder of Prohal is acting as our “Associate Consultant – GDPR Compliances”.
We have incorporated some strict policies in compliance with the GDPR to ensure complete data privacy and protection.
These policies are as listed below:
Anti-Bribery and Anti Corruption Policy
- Initor Business Solutions Limited (IBS) has set out this policy to reinforce our zero tolerance towards bribery and corruption. The policy has clear set of rules to establish the responsibilities of IBS and its employees with respect to bribery and corruption.
- Firstly the policy educates those working for IBS to help them recognize such issues.
- The policy also has a set of guidelines for actions to be taken in case any issue of bribery or corruption arises.
IT Policy and Infrastructure Policy
- The IT Policy and Infrastructure Policy has listed strict rules and regulations for physical security and IT security.
- The physical security includes maintaining high level security of the infrastructure at IBS. According to the policy the installation of closed circuit cameras, controlled access to different machines, secure document storage etc. is mandatory.
- IT policy ensures complete IT security with clear guidelines for installation of latest anti-virus software, anti-malware software, host-based firewall software, backup plans, account management and more.
- Under the Data Protection Act, it is mandatory for IBS to define an institutional framework designed to ensure the security of all personal data during its lifecycle, including clear lines of responsibility.
- The policy also lists the standard procedures to be followed in case we encounter any data breach and information security lapse incidents at IBS.
- At IBS, we are committed to process data in accordance with our responsibilities under the GDPR.
- Sometimes, we may need personal data in order to maintain legal & regulatory compliance as well as crime prevention.
- The personal data procured will be used, processed and disclosed as per service requirements.
Data Retention Archiving and Destruction Policy
- IBS considers itself responsible for the data collected from our customers. We are bound to various obligations that depend on local laws and regulations or client contracts. These obligations may also surface from the promises made to our employees, customers, goods and service providers and our partners.
- The Data Retention Archiving and Destruction policy is incorporated to appropriately support these obligations.
- The policy mentions the standard protocols to be followed with respect to the duration of data retention and subsequent data destruction.
IT Continuity, Backup and Recovery Policy
- The primary objective of this policy is to state formal requirements for IT continuity, backup and recovery.
- This policy aims to reduce the risk of IT system disruption or disaster.
- It also lists the plan for efficient recovery of IT services and data in a timely manner in case of any disruption or disaster.
error: Content is protected !!