The EU GDPR requires companies that handle the Personally Identifiable Information (PII) of EU citizens to implement a series of safeguards and processes developed to protect an individual’s privacy.
Although the regulation was initially established in 1995, revisions that satisfy modern considerations were approved by the EU Parliament on April 14, 2016. Companies have until May 25, 2018, to prepare or potentially face significant fines.
Making a GDPR Declaration in the Supplier Portal
To complete the declaration, you must first have received the campaign email.
- Complete the Pre-Survey Check to determine if you are in scope of the GDPR:
If your organization stores and processes any of the following types of data in your systems relating to any individual located within the European Union, select Yes and click Next.
Enter all requested details before continuing. There are 14 total section after the Pre-Survey Check that you must complete:
- General Awareness of GDPR | Data Subjects | European Data Subjects
- Personally Identifiable Information ('Personal Data') | Sensitive Personal Data
- Data Controller or Data Processor
- Data Subject Consent
- Legal Basis
- Data Subject Privacy Notices
- Data Processing
- Automation and Profiling
- Data Users & Data Interface
- Data Retention
- Data Subject Requests / Rights
- Procedures and Policies
- Privacy Impact Assessment "PIA"
- Data Protection Officer (DPO)
- Complete the General Awareness of GDPR | Data Subject | European Data Subjects section and click Next:
- On the pages that follow, answer the required questions and click Next at the end of each section.
Some questions require additional information if you select Yes or No:
- When you have answered all required questions, click Continue to complete the declaration:
- On the Declaration Complete page, complete the optional feedback survey and click Send Feedback.