GDPR Compliance for Apps workflow
Liquid State has put measures in place to meet the GDPR Compliance within the solutions it provides.
The following process has been formulated by Liquid State to ensure that our response to user requests for control over, or access to, their personal data, is GDPR compliant.
Here, ‘Client’ or ‘Customer’ refers to Liquid State’s Client or Customer. Here, ‘User’ refers to the person who uses the app also the person who puts forward the request and for whom the app should be GDPR compliant.
Steps for GDPR Compliance:
A request for ‘Sending the user’s personal data' or ‘deleting the user’s personal data' can come from any source. This is why the process includes all the possible sources to be GDPR compliant.
The entire process of ‘Sending the user’s personal data' or ‘deleting the user’s personal data' should be completed within 30 calendar days. This is to ensure that the legal requirements are met.
A user will send a request either by Call, Email, Social Media or through the Solution itself. If the user sends a request through Call, Email or Social Media then the client organisation representative should respond to the user letting them know that the request has been lodged and an agent will get back to the user in 72 hours.
If the user sends a request through the Solution then the client organisation representative will receive an email informing the user’s request and next steps. Client Organisation Representative should respond back to the user within 72 hours.
Once the Client Organisation Representative has the request, they should log a Liquid State Service Desk Ticket with the details of the user and the details of the solution to get the data required.
Liquid State team will then gather the information required (Do the processing required if the user needs to delete the data) and give the file with all the information (give a confirmation after the details is deleted while informing that the user will not be able to access information) to the Client Organisation Representative. Liquid State aims to respond back within 15 business days.
Once Liquid State Provides the results of the request, the Client Organisation Representation should provide the appropriate feedback to the user.
Please note all communications between Liquid State and Client Organisation should be through Service Desk to ensure information is not lost between the different sources of communication.
Standard Action Steps to commence GDPR compliance
Unless otherwise indicated in the Overview page of this WIKI the information contained within this space is Classified according to the /wiki/spaces/ISMS/pages/739344530 as |
INTERNAL |