Can we trust that companies do not misuse our personal data? Unfortunately not; it is quite evident from the news that not all companies are worthy of our trust.
GDPR — we welcome you
Therefore, we welcome the European Union’s General Data Protection Regulation (GDPR), which is in effect from 25 May 2018. The GDPR defines a uniform set of rules for processing of individual data about EU citizens, as well as citizens of non-EU countries — such as Norway — that have chosen to implement the GDPR.
Hopefully, the regulation will contribute to reduced misuse of personal data, and to build genuine trust in companies that perform legitimate processing of our data.
The right to privacy is of great importance to Dynaplan. Customers as well as non-customers who register as users at www.dynaplan.com place confidence in our ability to handle privacy in a responsible manner. In connection with the GDPR, we have updated our privacy statement to give our registered users a clear overview of what information we collect, how it is processed and for what reasons, and how it can be updated and removed.
Together we ensure privacy
The GDPR splits the responsibility for processing of personal data between the controller and the processor.
The controller is responsible for ensuring that the processing follows six principles for processing. 1) The processing must be lawful. 2) It must have a specified purpose, and 3) be limited to that purpose. 4) Data must be kept accurate and up to date, and 5) data should be kept no longer than necessary. 6) Finally, data must be appropriately secured. The processor performs the actual processing of the data.
Dynaplan acts both as controller and processor for any data relating to our user database. When customers entrust additional data to us, the customer is the controller while Dynaplan is the processor. As an example, it is the responsibility of the customer to ensure that handling of personal data in a Strategic Workforce Planning process complies to applicable laws and regulations, including the GDPR.
Information security is a requirement for GDPR compliance. Financial information, strategies, plans, and budgets are examples of sensitive business information that require secure handling. At Dynaplan, we strive to treat both business information and personal information in ways that ensure confidentiality, integrity, and availability of your data.