We value our clients and understand that we are the guardians of their data. Our overriding feeling is that any data acquired is only very much 'on loan' to us and we are very grateful for 'the loan'. Our commitment is to always treat any data respectfully and in the strictest of confidence, in the same fashion as would expect our own data to be treated, securely and with respect.
In truth most the 'new' GDPR protocols have been in place at Monkey Puzzle Design & Print for a very long time prior to the legal GDPR directive.
We stringently protect other people's data firstly in order to ensure data privacy, but it is also very much in our own interest to ensure that our client and supplier data, which we have strived to acquire over the past 20 years, isn't acquired by any third party what-so-ever, with the very real commercial implications that any breach of data security would imply.
We have always administered and handled every company's or indivividual's data with due diligence, care and the utmost respect, including very high levels of security protocols.
All our protocols are being constantly monitored, refined and upgraded in line with the ever changing cyber threats, technological events and new law.
We have always and will always take responsibility for peoples' data very seriously, whether for a company or individual.
Your privacy and protection is in our own best interest and just because it's the right thing to do!
Brandon J. Ray
Monkey Puzzle Design & Print
GDPR is the highbred of DPA the (Data Protection Act) but a more indepth comprehensive and detailed ‘upgrade’ that covers the new media information such as online identifiers – eg an IP address - can be personal data. The more expansive definition provides for a wide range of personal identifiers to constitute personal data, reflecting changes in technology and the way organisations collect information about people.
Companies who keep HR records, customer lists or contact details e.t.c this change to the definition should make little practical difference. You can assume that if you hold information that falls within the scope of the DPA, it will also fall within the scope of the GDPR.
The GDPR applies to both automated personal data and to manual filing systems where personal data are accessible according to specific criteria. This is wider than the DPA's definition and could include chronologically ordered sets of manual records containing personal data.
Personal data that has been pseudonymised - eg key-coded - can fall within the scope of the GDPR depending on how difficult it is to attribute the pseudonym to a particular individual.
Sensitive Personal Data
The GDPR refers to sensitive personal data as "special categories of personal data". These categories are broadly the same as those in the DPA, but there are some minor changes.
For example, the special categories specifically include genetic data, and biometric data where processed to uniquely identify an individual.
Personal data relating to criminal convictions and offences are not included, but similar extra safeguards apply to its processing.