Personal data protection has always been a priority for the Group. It is mandatory for any company that processes personal data, on pain of sanctions. In the European Union, requirements in this area have been strengthened since the General Data Protection Regulation (GDPR) came into force in May 2018.
Vivetic Group has taken steps to comply with this new legislation so that it can operate lawfully. Among other things, this means implementing a protection policy tailored to the nature of the data and the activities of the group's companies. The RGPD in fact requires organizations to improve their practices regarding the processing of personal data such as ensuring that data processing has a legal basis, respecting the rights of the holder, having effective procedures and means that guarantee the secure processing of data, framing transfers in accordance with the recommendations adopted by the European Commission, the aim being to achieve a sufficient and adequate level of protection taking into account the risks.
In order to guarantee the security of personal data, Vivetic Group has set up an ethical data protection charter and implemented certain specific points of the RGPD in its Quality Management System.
In this context, upstream of any new project we observe particular vigilance over data processing by analyzing, among other things, the risks that said processing could generate to data holders. In particular, several verification and validation stages, based essentially on the RGPD, are carried out before Vivetic Group agrees to carry out a project that relates to the processing of personal data.
Across all its activities, Vivetic Group has also created several procedures that are based on the requirements of the RGPD. By way of example the group has a data breach notification procedure, the aim of which is to prevent data breaches and react appropriately in the event of an incident. Among other procedures, a system for managing the exercise of data subject rights is also in force at Group level. Its main aims are to provide better customer service, improve transparency and enable data subjects to check that the information held about them is accurate.