Overview
The European Union (EU) has introduced General Data Protection Regulation (GDPR) to protect the fundamental right to privacy of EU resident effective from 25th May, 2018. A stringent yet essential law to be enforced by EU is made to date on how EU citizens’ and residents’ personal data is lawfully collected, processed and stored. Applicable to all organizations who process EU residents’ Personal Data or have Business Arrangements with them to provide goods and services, the law gives the control back to the EU Residents over the usage of their personal data.
Cygnet Infotech looks at GDPR as an opportunity to tighten its controls and strengthen in areas of high criticality. Since 2000, we have worked tirelessly at delivering customer success which is built on pillars of trust, honesty, dependability and transparency. We intend to deepen our bond of trust with our customers and partners and create a wider net of accountability and transparency, not just with EU nations but across the world.
Cygnet Infotech’s commitment
We, the Cygnet Infotech Family is working at its best to be compliant with GDPR and feel privileged and responsible at the same time to maintain the sanctity of your data. We are committed to serving you in the best possible manner and continue to build our relationship on pillars of Transparency and Integrity which forms the core of our corporate philosophy. In our continued efforts to become GDPR compliant, we have updated our policy to help you navigate and understand your privacy and rights better.Please take a moment to glance through our policy here. Additionally, you can update your preferences with us and stay in complete control of your data. In this data-driven world, Cygnet Infotech is committed to the rudiments of securing personal data by ensuring Privacy, Security, Confidentiality, Integrity and Availability and are revitalizing its systems, processes and approach to serve its clients better without compromising their information.
Cygnet Infotech’s Approach to compliance
Being an ISO/IEC 27001 compliant organization, we have employed robust measures to ensure we maintain a high level of security and compliance with your data. More importantly, we are determined at becoming GDPR compliant before and after the enforcement date.
Assessment
- GDPR Awareness Trainings
- Identification of Personal Data / Personally Identifiable Information (PII) of Data Subject
- Performing Privacy Impact Assessment (PIA) to look at the Risk and requirement of New Controls
Transformation
- Periodic Review of Privacy Impact Assessment (PIA)
- Adopt Consent Management Mechanism and address all the Rights of the Data Subjects
- Make the Pertinent Changes to reassure the Privacy and Protection of Data
- Update our Privacy Policies based on the PIA
Confrontation
- GDPR Awareness Trainings
- Identification of Personal Data / Personally Identifiable Information (PII) of Data Subject
Continual Improvement
- Periodic Trainings
- Periodic Review of Privacy Impact Assessment (PIA)
- Enhancement of Security Measures based on PIA
- Periodic Analysis of Measurable Objectives
- Periodic Review of GDPR Framework
