Note: This post should be considered separate to, but is supplemented by our GDPR Statement.As you’ve no doubt heard already, the EU GDPR, the General Data Protection Regulations, will be coming into force in 2018 – to be precise, on May 25th.
This blog post is designed to give you some reassurance and clarity around how the GDPR impacts Three Rings and, more particularly, your organisation.
At Three Rings, we’ve always taken personal data safety very seriously – right from the start, security has been one of our core values and we’ve taken multiple steps to ensure that our password protections are kept strong. All our traffic is encrypted to a higher standard than that required by UK online banking services, and all actions taken by users within the system are logged, and the system logs are visible to Admins to ensure there’s always an audit trail of who’s done what.
We already host Three Rings, and all data stored in it (as well as all our backups), exclusively inside the UK and European Union, and we process our data in line with our own Terms and Conditions and our Privacy Policy.
Three Rings is also designed to support organisations manage their obligations as data controllers: in fact we were talking about this in the context of the UK’s Data Protection Act 1998 as long ago as 2014 – coincidentally, at around the same time as Milestone: Promethium introduced the option for individual users to convert their accounts to be Self-Managed accounts.
Tools available to organisations to help them ensure they’re making responsible use of the data entrusted to them include our powerful Permissions system, which allows Admins to manage access to information fields in users’ Directory accounts down to the per-field basis, and reminders to Admins who are volunteering at organisations where accounts belonging to former volunteers have been Slept but not yet Purged.
Of course, the tools which Three Rings provides can’t make your organisation compliant with the GDPR – ultimately, that’s always down to your organisation and your policies – but we know that our tools can help, and will continue to help, so we wanted to make sure our users had some reassurance as we move into the final few months before the new regulations come into force.