Security and privacy
Introduction
For GDPR purposes IRIS Networx has been identified as a data processor, with the client as the data controller.
As such, the client has an obligation to:
1. Choose only processors that can provide sufficient guarantees to implement appropriate technical and organisational measures to make sure that the processing will meet data protection requirements and will protect the rights of the individuals the information relates to.
2. Put in place a contract or agreement, that is binding on the processor and that sets out:
-
The subject-matter and duration of the processing.
-
The nature and purpose of the processing.
-
The type of personal data and categories of data subjects.
-
The obligations and rights of the customer.
The contract must include certain clauses listed in Article 28 of the General Data Protection Regulation (GDPR).
This section is designed to provide reasonable guarantees in line with the above.
Our commitment to data protection
IRIS Networx will:
• Use personal data legally and securely.
• Respect privacy and treat personal data lawfully and correctly.
• Ensure that the service complies with the General Data Protection Regulations (GDPR).
• Adhere to the group data protection policy.
• Report any breaches of data protection to the relevant channels.