GDPR and Data Protection
GDPR (General Data Protection Requirements) came into effect on May 25, 2018. Due to “territorial scope,” any organization that deals with data of EU residents must comply with the GDPR for those individuals, which affects global data organizations. D2R has taken a principled approach to provide the same set of controls and protection to non-EU residents,as well, rendering itself not only as a pioneer to comply with GDPR personal data protection directives but also to introduce a programmatic set of workflows along with admin and functional system roles aiming to harness the continuity and confidence of such compliance.
Our international cloud architecture provides the advantage to comply with diverse data residency compliance. We migrated our European based agencies data to European clouds. We use IBM and Microsoft as cloud providers, our SLA agreements with bothare updated to secure full compliance with GDPR requirements.
Within the periphery of all our professional technical and administrative team, we have conducted multiple workshops explaining the updated policies, procedures and controls, which we applied, related to GDPR data privacy compliance. We have assigned a compliance master to follow-up relative training needs for the team and report on the proper integration of data protection procedures and controls pertaining to classification and labeling of our client data through the support, maintenance and development workflows. Systematicand transparent reporting secure Advanced Data Governance classification and retention practices. Once data is properly classified, we implement retention triggers to ensure relative data is preserved, archived, and deleted appropriately across devices, apps, cloud services, and on-premises environments.
We also placed controls, which secures that our client’s data is not shared with any other third party. We also placed controls over data downloads to ensure that we, at D2R-collect, do not download or release information from your agencies. We also assure our valued customers in UK, that we will do extra measures in Case Brexit happens, to meet any new data security requirements.
D2R is compliant with “Fair Debt Collection Practices Act” through its guided, easy to use, compliance configuration and transparent tasks of collector’s daily practice, the well-represented process workflows, nudge away the misrepresentation and other abusive debt collection practices, which are available in the market and hence labeling D2R as a comprehensive tool for effective collection of debts.
D2R system components from print material, import / export, payments gateway, recordings and data to the cloud and back are continuously protected via the latest Microsoft and IBM security and risk technology systems and patches. Such platform along with the system management and operation practices are redesigned in compliance with GDPR.
Our continuous quest and commitment to excellence found its way to our professional D2R team now working on a disruptive advantage geared by consuming and developing the latest voice, behavior and compliance artificial intelligence modules that shall plug in the existing system soon allowing numerous dimensions of AI practices, which shall take our compliance to a different dimension.
For additional information about IBM and Microsoft GDPR compliance measures, please refer to the below web links:
IBM: https://www.ibm.com/data-responsibility/gdpr/
Microsoft:: https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx