In May 2018 the Data Protection Act is replaced by the GDPR (General Data Protection Regulation).
RM acts as the data controller for its own employee data and acts as a data processor for many of our customers, including those using RM Unify. We already have a range of measures in place to achieve compliance with current legislation and we are reviewing these in order to ensure that we comply with the GDPR. The ICO (Information Commissioner's Office) has issued guidance documents on GDPR transition, including Preparing for the General Data Protection Regulation (GDPR) – 12 steps to take now. RM is using this guidance to review its legal and contractual obligations, and where necessary, make appropriate amendments to our policies and practices. RM has established a GDPR Working Group, with membership drawn from across the RM Group, to oversee the transition work. This group reports to our Group Security & Business Continuity Committee, which acts on behalf of the RM Executive on all matters relating to security and data protection governance.
RM Unify's approach to data protection management is designed to be compliant with all data protection legislation, including both the Data Protection Act and the GDPR when it comes into force. You can find out more information about how we do this from the following articles.
RM Unify Terms and Conditions
RM Unify Data Sharing
RM Unify and Data Retention
If you have any questions about how we manage users' data in RM Unify, please get in touch with us at firstname.lastname@example.org