1. What is the EU General Data Protection Regulation (GDPR)?
The EU General Data Protection Regulation, GDPR, which entered into force on 25 May 2018, enforced stricter requirements on processing personal data and introduced completely new obligations for companies. The purpose of the regulation is to strengthen the privacy and data protection of EU citizens, which is a fundamental right belonging to everyone.
A group of experts set by the Advisory Committee on Information Management in Public Administration (JUHTA) will publish pieces of video training and web tests concerning data protection and data security, which you can find at: http://tietosuoja.vahtiohje.fi/fi/#/front
For further, general information on the GDPR, please visit the website of the Data Protection Ombudsman.
2. How the GDPR was taken into account at Finago?
An Accountor Group-level project was launched in 2016 to respond to the requirements stipulated by the General Data Protection Regulation in our day-to-day operations. We designated a data protection officer as well as persons, from each unit and company, responsible for data protection matters within their respective organization. The project included different work stages, such as documentation, training as well as process and system changes.
For our customers, we offer a myGDPR tool, which helps to ensure that the organization is GDPR-ready.
3. What impact the GDPR had in practice?
We updated our general terms of agreement and instructions related to those since the GDPR sets out requirements for managing subcontractors.
At the group level, we assessed the data protection impact in relation to the systems we use and in our product development activities. We described and analyzed
risks related to the processing of personal data in order to ensure the compliance with the regulatory requirements.
Providing personnel with data protection training was an essential part of the project.
At Accountor Group, we will closely monitor any amendments made to data protection laws, such as the modernization of the EU Directive on privacy and electronic communications and authorities’ interpretations and statements on the GDPR.
All actions required for the fulfillment of the GDPR requirements related to systems, processes and instructions were implemented before the GDPR entered into force.
4. Other publications related to the GDPR
A set of informational and instructional documents about GDPR, the GDPR file vault view, has been added to Procountor including descriptions on personal data processing activities and other documents related to the GDPR which you may download for your own use. The GDPR file vault is available from the Basics menu.
As for Tikon, the same data protection material are available in customer pages with the name ”GDPR – tiedostopankki”.
- Accountor Finago customer agreement general terms in which the terms and conditions of data protection (DPA) are described in section 4
- Webinar recording: Riikka Lehtinen – GDPR & accounting offices as data processors (in Finnish)
- Finago myGDPR tool (in Finnish) is especially designed for accounting offices that want to make sure they meet GDPR obligations
- On our blog:
- Code of conduct
Questions about the GDPR
If you have any questions concerning data protection, please contact us at [email protected]. Our Data Protection Manager is Tiina Rantala.