GDPR Policy – Statement of Compliance

The General Data Protection Regulation (GDPR) is effective from 25th May 2018.

Secma AS acknowledges its responsibility to develop and maintain business-wide awareness of the rights of individuals to be empowered and protected in terms of data privacy.

We have implemented procedures and training to ensure that a legal basis for the processing of personal data underpins all business practices at Secma AS.

We recognise the circumstances in which personal data is processed and acknowledge that the GDPR clarifies the responsibilities of companies as far as the processing (collection, storage, maintenance and use) of personal data is concerned and which Secma AS is in compliance of.

Secma AS is actively working with its GDPR strategy and we will continually strive to ensure that personal data privacy is embedded as routine practice on an ongoing basis.

Secma AS has ensured that all relevant staff is trained in the concepts and requirements of data protection policies. Staff is expected to embrace the ethics of data protection law and to adopt the practices into the workflow so that it will reflect the company’s commitment to ensuring that the rights of individuals are respected and protected at all times.

Secma AS’ internal policy for data protection requires any products, services or systems adopted by the company (relating in any way to the processing of personal data) to undergo an assessment to establish that they do not contravene with the company’s policies to maintain compliance with the GDPR.

Furthermore, Secma AS has implemented training and processes to enable staff to recognise and respond to data Subject Access Requests (SARs).
Thus, our staff understand the significance of undertaking identity checks prior to responding to requests for data portability and the rectification and/or erasure of personal data