Hello,
In light of the upcoming GDPR changes I wonder if you could help with the following queries
Do you have a GDPR statement and what measures are in place for you to be compliant with GDPR by May 2018?
Where is the data we input stored?
Do you have a data protection officer?
Do you inform me when you transfer data?
What controls do you have in place to reduce risk? /What are your risk management processes?
Who can access the data that you hold?
Do you have security breach notifications in place?
Do you adhere to Binding Corporate Rules (BCRs)?
What measures are in place for you to be compliant with GDPR by May 2018?
I look forward to your reply.
Vicky