GDPR

What we are doing to comply

GDPR stands for the General Data Protection Regulation and is in effect from 25th May 2018. It is the EU-wide law that governs the use, sharing, transfer and processing of any EU personal data. The Information Commissioners Office is the UK Supervisory Authority (SA) for overseeing the implementation in the UK. GDPR replaces and builds on the UK Data Protection Act 1998. The UK government has already indicated that when the UK leaves the EU, it will continue to adopt the GDPR.

We respect all laws that apply to our business and this includes the GDPR. Here are some things that CBS Solutions LTD are doing to ensure our compliance with GDPR and that of our customers:

As a data processor for numerous customers we are committed to assisting our customers with GDPR compliance.
We will ensure that employees authorised to process personal data have committed to confidentiality.
We will assist our customers, insofar as possible, to respond to data subject access requests they may receive under the GDPR.
We maintain a log of all sub-processors we use, as well as any data processing for each project that we undertake, and we ensure that any data processing we are asked to undertake remains in scope with the original request.
We will assist with notifying the ICO of breaches and promptly communicate any breaches to customers and users.
We commit to carrying out data impact assessments and consulting with EU regulators or the ICO where a data impact assessment indicates a high risk associated with processing without an appropriate mitigating strategy.
We commit to, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, to work with our customers and data controllers to jointly implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate.
All systems which hold personal data encrypt that data in transit, and additionally some fields are encrypted at rest for additional security.
We do not transfer any personal data outside the EU.
We employ numerous database backup technologies depending on the needs of each project, for the purpose of restoring the databases in a timely manner in the event of a physical or technical incident.
We will hold any sub-processors that handle personal data, including our data centre partners, to the same data management, security, and privacy practices and standards to which we hold ourselves.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.