We're sure by now you'll have heard all the buzz around GDPR. The General Data Protection Regulation comes into force on May 25th 2018. From that point onwards, any business that fails to comply will be subject to a hefty fine.
If you’re anything like us, you’ll already have been inundated with scaremongering calls and emails about how GDPR could affect your business. The big question we’ve been hearing is – How do I dispose of my old computer equipment while still complying with GDPR? And the good news is, we’ve got a really simple answer. As a data processor, Pure Planet Recycling takes care of that side of things for you.
How to ensure your data destruction is GDPR compliant
The GDPR is a lengthy, complex document that’s designed to streamline data privacy laws across Europe. Even when the UK leaves the EU, it’s likely to be worked in to UK law. If it isn't, you’ll still fall under GDPR rules if any of your customers are within the EU.
But how do you know which parts apply to you? And how do you ensure that you dispose of your old equipment in line with the new rules?
The first thing to know is that data destruction is classed as a form of data processing, which is subject to GDPR. By employing a secure data destruction provider like Pure Planet Recycling to destroy your electronic data, you’re the data controller, and we’re the data processor. That means the onus is on us to ensure GDPR compliance.
Nothing has changed from a service point of view at our end. We still securely collect and destroy your redundant media by shredding, crushing or degaussing. We then certify the data destruction process, which is a key requirement of the GDPR and means you have a full audit trail for every step of your data.
So is all the scaremongering justified?
Any business that deals with customer data will need to understand and comply with GDPR. Mitigating the risk of a data breach – which would not just ruin your reputation, but result in an increased fine under new GDPR rules. So yes, it’s an important issue for any UK business or organisation that deals in any way with customer data.