logo
logo

Silk Road Professionals GDPR Policy

Trust is the foundation of effective collaboration. At Silk Road Professionals, we are committed to the privacy and security of any personal information entrusted to us.

1. Introduction

The EU General Data Protection Regulation ('GDPR' or 'Regulation') came into force across the European Union on 25th May 2018 and brought with it the most significant changes to data protection law in two decades. Based on privacy by design and taking a risk-based approach, the GDPR has been designed to meet the requirements of the digital age.

The 21st Century brings with it broader use of technology, new definitions of what constitutes personal data, and a vast increase in cross-border processing. The new Regulation aims to standardize data protection laws and processing across the EU; affording individuals stronger, more consistent rights to access and control their personal information.

2. Our Commitment

Silk Road Professionals is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. Silk Road Professionals is dedicated to safeguarding the personal information under our remit and in developing a data protection regime that is effective, fit for purpose and that demonstrates an understanding of, and appreciation for the new Regulation. Our preparation and objectives for GDPR compliance have been summarised in this statement.

3. Our security measures and precautions include:

Privacy Notice/Policy

Our revised Privacy Notice(s) comply with GDPR, informing individuals about data need, use, rights, disclosure, and protection measures.

Obtaining Consent

We revised consent mechanisms for personal data, ensuring individuals understand and provide active, clear, easy, and intelligible consent. Stringent processes record affirmative opt-in with time/date stamps and provide an easy way to withdraw consent.

Direct Marketing

Direct marketing wording and processes were revised to include clear opt-in mechanisms, an easy method for opting out, and unsubscribe features on all marketing materials.

Processor Agreements

For third-parties processing personal information (e.g., Payroll, Recruitment, Hosting), we drafted Data Processing Agreements and due diligence procedures to ensure both parties meet GDPR obligations. Measures include ongoing reviews, outlining processing necessity, and verifying technical/organizational measures.

4. Data Subject Rights

In addition to the policies and procedures mentioned above that ensure individuals can enforce their data protection rights, individuals can request information about:

What personal data we hold about them
The purposes of the processing
The categories of personal data concerned
The recipients to whom the personal data has/will be disclosed
How long we intend to store your personal data for
If we did not collect the data directly from them, information about the source
The right to have incomplete or inaccurate data about them corrected or completed and the process for requesting this
The right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that we use
The right to lodge a complaint or seek judicial remedy and who to contact in such instances

5. GDPR Roles and Employees

Silk Road Professionals has designated Dan Mangles as our Data Protection Counsel. Silk Road Professionals understands that continuous employee awareness and understanding is vital to the continued compliance of the GDPR.

If you have any questions about this policy, please contact us at dan@srpsoftware.com