What is Gecko doing about GDPR?

We take our responsibilities under GDPR seriously. That’s why we’ve embarked on a programme to identify which measures we need to implement to be compliant with GDPR, and are working to implement them. Here is a quick summary of what we’ve done to date:

  • We conducted a comprehensive GDPR audit and gap assessment. Following the gap assessment, we created an internal roadmap to work towards compliance with GDPR by 25 May 2018
  • We have started our internal education program to deliver GDPR-focused training across key areas of the business, so that they’re aware of what GDPR requires and how it impacts their day-to-day roles
  • We’re engaging with product and security teams to consider and make the necessary changes/improvements to our processes
  • We conducted a comprehensive data-mapping exercise that tracks personal data flows throughout our systems and services.
  • We’re reviewing our key third-party vendor arrangements to make sure we have the appropriate contractual protections in place to satisfy GDPR requirements
  • We’re refining procedures to deal with some key data subject rights, like subject access requests and the right to request deletion. This can be found at https://www.wearegecko.co.uk/privacy-policy/

For more information on our GDPR Roadmap, please email gdpr@wearegecko.co.uk