What action has Gecko taken to ensure GDPR compliance?

We take our responsibilities under GDPR seriously. That’s why we embarked on a program to identify measures to implement compliance with GDPR, and worked to implement them. Here is a quick summary of what we’ve done to date:

  • We conducted a comprehensive GDPR audit and gap assessment. Following the gap assessment, we created and completed an internal roadmap to GDPR  compliance
  • We carried out an internal education program to deliver GDPR-focused training across key areas of the business so that everyone is aware of what GDPR requires and how it impacts their day-to-day roles
  • We engaged with product and security teams to consider and make the necessary changes/improvements to our processes
  • We conducted a comprehensive data-mapping exercise that tracks personal data flows throughout our systems and services.
  • We reviewed our key third-party vendor arrangements to make sure we have the appropriate contractual protections in place to satisfy GDPR requirements
  • We refined procedures to deal with some key data subject rights, like subject access requests and the right to request deletion. This can be found at https://www.wearegecko.co.uk/privacy-policy/

For more information on our GDPR Roadmap, please email gdpr@wearegecko.co.uk