Ergonomic Solutions International Limited and Subsidiary Companies

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a privacy and data protection regulation in the European Union (EU) which came into force as of May 25 2018.

The GDPR imposes new obligations on organisations that control or process relevant personal data and strengthens the rights that individuals have regarding personal data relating to them and seeks to unify data protection laws across Europe, regardless of where that data is processed.

Ergonomic Solutions takes the processing of other people’s personal data very seriously and as stated in our Ethics Policy Statement we always strive to treat colleagues, stakeholders, customers, suppliers and the public respectfully, professionally and fairly.

At Ergonomic Solutions we will do our outmost to be compliant with GDPR and continuously ensure the processing of personal data and compliance with GDPR through different means including:

• Controls & Gap Analysis: Review of all internal security and privacy policies and controls to ensure that all personal data processed by Ergonomic Solutions will be handled in accordance
  with the GDPR.
  
  
• Technology: Review of technology platforms to analyse their operation, security and compliance to ensure that they meet the standards we have laid down and identify any gaps and risks.
  
  
• Data Impact Assessments & Data Inventory: As part of the assessment of our data processing activities, we will review our information flows, any data transfers and systematically review the data we store, manage, maintain, collect, process and control. This also includes paper records.
  
  
• Third Party, Supplier & Partner relationships: Where relevant and related, we will be using all reasonable endeavours including Data Processing Agreements to ensure that our third parties, suppliers and partners are compliant.
  
  
• Training & Awareness: Training across the Group on the GDPR and its impact on policies, procedures, and responsibilities of staff.
  
  
• Policy Development: Review/refresh policies, procedures and agreements including (but not limited to) Data Protection Policy, Data Breach Policy, Data Processing Agreements and IT Policy.

The Executive team at Ergonomic Solutions is responsible for ensuring compliance with GDPR and will continuously monitor and review policies, procedures and systems used for processing of personal data.