GDPR COMPLIANCE

Here you can send us an email if you want Steema to:
• Supply you with a copy of any personal data we hold about you (Right to access information)
• Delete personal data we hold about you (Right to be forgotten)
• Correct personal data we hold about you (Right to rectification)
• Restrict processing your data (Right to restriction on data processing)

You are currently entitled to receive this information under the Data Protection Act 1998 (DPA) and will continue to be under the EU General Data Protection Regulation (GDPR), which comes into effect on 25 May 2018.

What does Steema do to comply with the GDPR?
• Appointed a Data Protection Officer (DPO) to oversee our compliance program.
• Continuously review our security measures to ensure any personal data we collect and process on our systems is adequately protected.
• Ensure our Privacy Policy clearly explains Steema’s commitment to the GDPR, is transparent about how we use personal data, and gives individuals information about how they can exercise their data subject rights.
• Provide our customers with GDPR-ready terms in our Data Processing Addendum and update our contracts with third party vendors to ensure they are GDPR-compliant.
• Maintain formal processes around data subject rights to ensure we can help customers fulfill requests they receive.
• Complete Data Protection Impact Assessments to identify and minimize any risks from our processing activities.
• Maintain accurate records of our processing activities, both as a processor and controller of personal data.
• Pay close attention to regulatory guidance around GDPR compliance and making changes to our product features and contracts when they’re needed.