kpm awarded QG GDPR Management Standard
kpm Group are proud to have gained the GDPR Management Standard from QG. This accreditation demonstrates our work to go above and beyond the demands of GDPR.
As print and mail specialists, we deal with customer files and mailing lists every day. It’s vital that you know your customer data is in safe hands. That’s why we ensure that secure data processes are at the heart of our business. We have extensive policies in place to ensure ongoing integrity.
The QG GDPR Management Standard adheres to the principles of General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).
The QG GDPR Management Standard applies to all organisations who are ‘controllers’ and/or ‘processors’ of personal data. The definitions are broadly the same as under the Data Protection Act 1998 – i.e. the controller says how and why personal data is processed and the processor acts on the controller’s behalf.
Data Processors and Data Controllers
We often act as a data ‘processor’ for our clients. This requires us to meet specific legal obligations. For example, in maintaining records of personal data and processing activities. The obligations for processors are a new requirement under the DPA 2018 & GDPR.
However, if you are a controller, you also have obligations when a processor is involved. The DPA 2018 & GDPR require you to ensure that your contracts with processors comply with the Act/Regulation. It’s up to companies to manage this risk by auditing suppliers, checking policies and processes, and using accredited providers.
With this accreditation, you can rest assured that kpm meet your requirements. If you’d like to discuss this, or any aspect of GDPR in more detail, please contact us.