Organisations operating in the EU and EEA and processing personal data of EU-based individuals are, in almost all cases, required to comply with the General Data Protection Regulation (GDPR) from May 25 2018. The GDPR updated and harmonised the framework for processing personal data in the European Union, and brought with it new obligations for organisations and new rights for individuals. Many of the key points of GDPR were present in the Data Protection Act 1998 that GDPR effectively replaced. MediaBlanket has many years experience earning our user’s trust and we were already compliant with the Act before the May 2018 deadline.
We are certified compliant with the most widely-accepted security and privacy standards and regulations, such as ISO 27001/2, ISO27018/17 and SOC 2.
How does MediaBlanket comply with GDPR? Trust is the foundation of our relationships. We value the confidence that you put in us and take the responsibility of protecting your information seriously. MediaBlanket has analysed the GDPR and have undertaken the necessary steps to ensure that we comply.
Under the GDPR, MediaBlanket Ltd give the customer:
The GDPR clarifies that the reason for allowing individuals to access their personal data is so that they are aware of and can verify the lawfulness of the processing.
We will provide a copy of the information free of charge. However, we can charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.
We may also charge a reasonable fee to comply with requests for further copies of the same information.
The fee must be based on the administrative cost of providing the information.
Information must be provided without delay and at the latest within one month of receipt.
MediaBlanket can extend the period of compliance by a further two months where requests are complex or numerous. If this is the case, we will inform the individual within one month of the receipt of the request and explain why the extension is necessary.
Where requests are manifestly unfounded or excessive, in particular because they are repetitive, we can:
If we refuse to provide this information or request a reasonable fee we will remind you of your right to make a complaint to the ICO or any other supervisory body and remind you of your ability to seek to enforce this right through a judicial remedy.
We will verify the identity of the person making the request, using ‘reasonable means’.
MediaBlanket may be able to provide remote access to a secure self-service system which would provide the individual with direct access to his or her information.