Huh? What is it?

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the EU and fully replaces the 1995 Data Protection Directive (EU) and the 1998 Data Protection Act (UK).

In addition to this it also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international businesses by unifying the regulation within the EU.

This regulation will come into effect across the EU on May 25, 2018.

What's the aim?

GDPR aims to make data protection regulations;

More Relevant & Comprehensive

We have come a long way since 1995! GDPR is a well needed fresh lick of paint on data protection practices and how they apply in today's world.

More Unified

Standardising data protection practices across all EU member states ensures everybody sticks to the same rules.

What information does the GDPR apply to?

The GDPR applies to 'personal data' meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.

Identifiers can include name, id number, location data or online identifiers.

Ok, so what will change?

Demonstrable Compliance

Many companies, including Shepper, already treat customer/service provider data with the utmost care. GDPR requires companies to revisit what information is held regularly, why it's held, and how it can be treated as securely as possible.

Individual Rights

Our customers and our Shepherds are important to us. On top of existing rights in the EU, like the right to access and correct personal data held by an organisation, GDPR introduces new data protection rights for individuals such as the right to obtain and reuse personal data across different services, and the right of erasure.

Privacy by Design

Data processing and therefore the protection of it sits deep within the fibre of any business. Here at Shepper we ensure that we think of data privacy from the start when we are designing products and services that are going to be used by both our customers and service providers (Shepherds).

What has Shepper done so far?

  1. We have made all employees in the business aware of GDPR and what impact it will have.
  2. We have conducted a comprehensive audit to map out what data we hold and how and where it's being processed.
  3. We have reviewed our Privacy Policies and will be updating those accordingly.
  4. We are updating internal procedures to ensure we cover all the rights individuals have, including how we would delete personal data.
  5. We are updating any touch-points we have to ensure we ask for explicit consent to use personal data.
  6. We are putting the right procedures in place on how we detect, report and investigate personal data breaches.
  7. Worked together with any third party vendors to ensure they comply with GDPR.
Did this answer your question?