EJC GDPR Statement
The basics
EJC meets the requirements of the GDPR. However, you also need to assess your compliance with the GDPR.
How does EJC comply with the GDPR?
- Trust is the foundation of our relationship with our customers and we value the confidence you’ve put in us and take the responsibility of protecting your information seriously.
- EJC places the utmost importance on data protection and has a track record of staying ahead of simple compliance.
- EJC’s management team have carefully analysed the GDPR and have undertaken the necessary steps to ensure that we comply.
- Our contracts clearly articulate our privacy commitments. More recently, we have specifically updated these terms to reflect the GDPR and they took effect from 25 May 2018, when the GDPR came into force.
- See below for more information on specific services.
What are your obligations under the GDPR?
- It is important to remember that you, as the the data controller, have specific legal obligations under the GDPR.
- You should be confident that any providers (data processors) you work with have a robust approach to data protection and are well prepared to meet the obligations of the GDPR.
- Remember, no provider can offer to “solve” GDPR compliance for you.
- Our GDPR guide sets out our approach to working together to keep your data secure and helps make clear EJC’s responsibilities and our customers’ responsibilities.
Our own services
Service Desk and System Management/Monitoring
Security measures
- User access controls
- Encrypted storage
- Encrypted communication
Online Backup to Datacentre
Security measures
- User access controls
- Physical access controls
- File encryption
Datacentre Services
Security measures
- User access controls
- Physical access controls
- Encrypted communication
Services with sub-processors
Microsoft Office 365
Location
EU
Security measures
- ISO 22301, 27001/17/18
- Access controls
- Encrypted storage and transit
- Anti-malware email scanning
Further information
Mimecast Email Security and Archiving
Location
EU
Security measures
- ISO 22301, 27001/18
- Encrypted storage and transit
- Access controls
- Anti-malware email scanning
Further information
Microsoft Azure
Location
EU
Security measures
- ISO 22301, 27001/17/18
- Access controls
- Encrypted storage and transit
Further information
G Suite
Location
EU
Security measures
- ISO 27001/17/18
- Encrypted storage and transit
- Access controls
- Anti-malware email scanning
Further information
Cloud-Based Disaster Recovery
Storagecraft
Location
EU
Security measures
- ISO 27001 datacentre
- Encrypted storage and transit
Further information
Email Marketing
Location
US
Security measures
- ISO 27001 datacentre
- ISO 27001/18 cloud provider
- Access controls
- Encrypted storage and transit
Further information
Dropbox business
Location
EU
Security measures
- ISO 27018
- Access controls
- Encrypted storage and transit
Further information
Office 365 Cloud Backup
Location
EU
Security measures
- Access controls
- Encrypted storage and transit
Further information
WordPress Web Site Hosting and Management
Location
EU
Security measures
- Access controls
- Encrypted communication
- Anti-malware scanning
- Update management
- Incremental backup
Further information
To be added
More on GDPR
GDPR Resources
Find more information on what GDPR means for you, how you need to prepare and why working with EJC helps you along the way.
Need more help?
GDPR can seem pretty daunting. If you'd prefer to just talk through it, click below or call us on 0370 600 9700.
We can arrange an appointment to give you more information and discuss where we can help.
Important reading
The Information Commissioner’s Office (ICO) provides both comprehensive and straightforward advice and information on GDPR. Here are four useful links to make sure you fully understand your responsibilities:
12 Steps
The ICO’s quick twelve-step overview to GDPR
Guidelines
Full and comprehensive guidelines from the ICO
Checklists
Step-by-step checklists to make sure you’ve covered everything
Mythbusting
A series of GDPR ‘mythbusting’ blog posts from the ICO
