GDPR
Dstny's take on GDPR and personal data
At Dstny we have always felt strongly about privacy and protecting our customers' data. With the GDPR (General Data Protection Regulation), we now strengthen our efforts in these areas so that you and your customers, can be confident that we handle your data with care.
What is GDPR
The General Data Protection Regulation (GDPR), is an EU regulation taking effect the 25th of May 2018 across all member states. The regulation is designed to strengthen the protection of personal data and unify the regulations within the EU member states, therefore replacing the Swedish Personuppgiftslagen (PuL). In comparison with PuL, the new regulation, goes further with more strict control mechanisms and takes a firmer stance on the rights of individuals of which data is being processed, why it's needed and with greater transparency.
Why does Dstny process your personal data
Communication services are dependent on personal data to work such as Name, Phone number, Mail address etc. As your communications provider with one of the biggest portfolios in communication services, we need to process your personal data in order to support, deliver and fulfill our responsibilities to you.
The Relationship between Dstny and you, our customer
Since we process your personal data on your behalf, we are considered your Data Processor. That makes you, our customer the Data Controller. In compliance with the new regulation, a Data Controller and Data Processor must sign a DPA (Data Processing Agreement). We have therefore developed a DPA for you to sign.
If you would like to sign a DPA with us, please drop us an email at dpo@dstny.se with the following information:
Company name
Reg. no (organisationsnummer)
Address
Name of the signer
We will then send you the DPA.
Advice and information regarding processing of Personal Data and GDPR
- Check your obligations and rights. Depending on the kind of service you offer to your customers and what kind of Personal Data you process, different rules may apply.
- Do not collect or process Personal Data that isn't necessary for your business or your services.
- Apply proper security measures such as encryption, data policies etc.
- Prepare and educate your staff in how to handle personal and sensitive data. Many data leaks today happens by someone within the own organization, unknowingly helping the culprit.
- Do not stop working with your personal data just because you “finished” the deadline for the regulation. You must continue to keep your data up to date, evaluate future products etc. to make sure that you continue to be compliant with the new regulation.
If you want to read more about the new regulation, we have collected some links for you:
https://www.datainspektionen.se/dataskyddsreformen/ (Swedish)
https://ec.europa.eu/justice/smedataprotect/ (English)