You may have recently read or heard about the European Union’s upcoming implementation of its new and expanded privacy law framework, the General Data Protection Regulation (GDPR). This regulation applies to the data privacy policies of any business located inside or outside of the EU that processes personal data relating to EU residents. The GDPR requires that its data privacy compliance standards be met by May 25, 2018.
As a company that continues to become increasingly more global, Travel and Transport takes its compliance with this new regulation and the privacy of our customers very seriously. In preparation of the GDPR taking effect, Travel and Transport has formed a process for driving compliance within the requirements of the new rules of the GDPR. Travel and Transport has implemented, or is actively working on, the following processes and procedures:
- Established an office of the data privacy officer.
- Engaged a third-party audit firm to conduct a GDPR analysis for Travel and Transport’s domestic and international locations.
- Review of contractual requirements with our third-party vendors.
- Update of internal policies and procedures to conform to the GDPR requirements.
- Providing GDPR training for entire employee base.
In addition to the above steps, Travel and Transport has been previously certified under the EU-U.S. Privacy Shield Safe Harbor Framework and has already trained specific key management levels across all departments on the details required of the GDPR, including every department as part of our GDPR assessment.
We are proud to state that we have completed full GDPR data mappings for all internal applications and processes, and have incorporated these requirements into our normal security practices.
For more information on the GDPR, please visit the following resources:
If you have any further questions, please contact your Travel and Transport account manager directly or contact us.