SpiderGroup have undertaken a project to ensure GDPR compliance, we have issued updated our terms and conditions and privacy policy in line with GDPR. We have invested in training for our staff to ensure all employees are aware of their obligations and we have also become Cyber Essentials Certified.
As part of our requirements as a data processor we will record where all the data we process on your behalf is stored on our platform, inform you of any breaches and keep a record/logs of any action we take on personal data we process on your behalf (only acting on the data controller’s instructions of course!).
If you have any specific concerns, questions or require copies of any of our policies please don't hesitate to ask. It’s important to realise GDPR is not just about IT and security and that SpiderGroup being GDPR compliant does not make your business compliant. Your business is still the Data Controller and retains ultimately responsibility for any data you collect. You should carry out your own audits, reviews and risk assessments to determine what you need in place and we can help you with any IT requirements you identify.
We have also published a couple of blogs on the subject (oldest to newest)..
https://www.spidergroup.com/blog/are-you-ready-for-gdpr
https://www.spidergroup.com/blog/five-months-gdpr
https://www.spidergroup.com/blog/four-months-to-gdpr
https://www.spidergroup.com/blog/GDPR-compliance