The EU General Data Protection Regulation (GDPR) replaces the 1995 EU Data Protection Directive. The GDPR strengthens the rights that individuals have regarding their personal data and seeks to harmonize data protection laws across Europe, regardless of where that data is processed.
Fluidity Software Solutions (FSS) is committed to GDPR compliance. Additionally, we are committed to helping our partners comply with GDPR by providing stringent privacy and security protections that are built into our service and contracts.
FSS’s partners will typically act as the ‘data controller’ for any personal data they provide to FSS in connection with their use of FSS’s services. The data controller determines the purposes and means of processing personal data, while the data processor processes data on behalf of the data controller. FSS is a ‘data processor’ and processes personal data on behalf of the data controller when it uses FSS’s services.
Data controllers and data processors are responsible for implementing appropriate technical and organisational measures to ensure and demonstrate that any data processing is performed in compliance with the GDPR. Their obligations arise from the data protection principles which require lawfulness, fairness and transparency, purpose limitation, data minimisation, and accuracy, as well as fulfilling data subjects’ rights with respect to their data.
If you are a data controller, you will find guidance on your responsibilities under GDPR by regularly checking the website of your national or lead data protection authority. In the case of the UK, this is the Information Commissioner’s Office at ico.org.uk.
You should also seek independent legal advice relating to your status and obligations under the GDPR, for legal advice specifically tailored to your situation. Please bear in mind that nothing on this website is intended to provide you with, or should be used as a substitute for, such legal advice.
We are here to help you on your journey, here are some considerations you should look at:
Alongside other duties, data controllers are required to only use data processors that provide adequate guarantees as to appropriate technical and organisational measures so that data processing will meet the requirements of the GDPR. Here are some aspects you may want to consider when conducting your assessment of FSS: