On May 25, 2018, the General Data Protection Regulation (GDPR) went into effect across European Union (EU) member states, impacting any organization that processes personal data of EU citizens. GDPR represents a strengthening of existing data privacy rights for citizens of the European Union.
JSCM Group, LLC is committed to protecting personal data of our EU employees, contractors, customers, and vendors, regardless of where that data is processed. We have a vast and strict security program and an established series of internal policies, processes, and practices across our organization to ensure that personal data of EU individuals is processed appropriately and protected in our information systems.
When processing the personal data of EU individuals we:
Ensure there is a legitimate business reason to collect the data.
Ensure we have consent to collect and use the data (where required).
Limit collection, storage and usage of the data only to the extent for which there is a business reason and consent.
Restrict access to all data on a need-to-know basis.
Below are some highlights of how JSCM Group is ensuring compliance with GDPR:
Data Breach Response Plan: In the event of a data breach that may impact the security of employee, customer, or vendor personal data of EU citizens, we will take steps to notify EU authorities within 72 hours of discovery of the incident.
Data Privacy Impact Assessment: When initiating new projects or products, implementing new software, or onboarding new vendors that may process personal data of EU individuals, we will assess data privacy impact in order to ensure that personal data is adequately protected in any systems or processes we control.
Data Subject Rights: We understand that anyone doing business with us may have questions about the types of personal dataJSCM Group processes about them. If you would like to make a request about the personal data we process, please contact us below.
If you have questions about GDPR compliance, please contact us here or at (704) 464-4468.