GDPR Preparation at Edenred Slovakia
GDPR Preparation Statement
The following statement addresses Edenred´s commitment to the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).
What is the GDPR?
The General Data Protection Regulation, or GDPR, is due to come into force on 25th May 2018. GDPR together with the Act. No. 18/2018 Coll. on the Protection of Personal Data will replace the current Act No. 122/2013 Coll. on the Protection of Personal Data (DPA). Whilst many of the new legislation´s main concepts and principles are aligned with the current DPA there are new elements and significant enhancements to strengthen and unify data protection for all individuals within the European Union.
Controler/Provider Provider are the companies:
- Edenred Slovakia, s. r. o., with registered seat at Karadžičova 8, 820 15, Slovenská republika, ID No. 31 328 695, registered in the business register at District court Bratislava I, Section Sro, Insert No. 3169/B („Edenred Slovakia“)
- Ticket Service, s.r.o., with registered seat at: Karadžičova 8, 820 15, Slovenská republika, IČO: 52 005 551, registered in the business register at District court Bratislava I, oddiel: Sro, vložka č.: 132404/B („Ticket Service“)
(folowing together as “Edenred”)
What is Edenred doing to prepare?
Edenred has a board level approved GDPR compliance project in progress. This has prompted a cross-business review to identify all areas where changes are required to our current policies and procedures to assure GDPR compliance is achieved. We have been engaging with legal data protection experts to ensure we interpret the new legislation correctly and apply it throughout the business. This project will establish and embed GDPR accountability principals to fully support our commitment to protecting all personal information held by Edenred.
Edenred GDPR Statement & scope considerations:
Edenred provide a diverse range af products & services to businesses in the Slovak Republic. We help organisations engage and motivate their people to achieve enhanced performance. This is echieved through the provision of unique and unrivalled total reward solutions; Employee Benefits, Incentives and Rewards. In addition the business model supporting a product can vary to align with client specific needs. To this end, our GDPR preparation statement aims to communicate the basis of our approach.
- Our Parent Company, Edenred Group SA, will be apponting a Data Protection Officer with global oversight in the coming weeks and this appointment will be communicated.
- The Edenred Slovakia GDPR compliance project is Board approved and managed by our Information Security & Compliance Officer.
- Edenred has identified employees with responsibilities for key areas of GDPR specialist knowledge.
- Edenred Slovakia is closely following the Article 29 Working Party Guidelines on various issues under Regulation 2016/679 as well as implementing regulations and guidelines issued by the Office for Personal Data Protection of the Slovak Republic for implementing GDPR.
- Edenred are conducting Information Audits. This activity will, in particular, enable Edenred to ensure that only personal information required for service delivery is collected and that such information is properly processed.
- Where required Edenred will conduct Privacy Impact Assessments.
- Edenred are conducting 3rd party supplier due diligence updated to accommodate GDPR standards.
- Edenred Slovakia is revising our contacts to incorporate the GDPR requirements and recommended GDPR clauses.
- Where required Edenred will be making software application and technical changes in support of our GDPR obligations.
- Edenred are updating our policies and procedures to promote and embed the ´data protection by design´principal.
- Edenred will be refreshing training for all employees to familiarise them with new operating standards and promote the key principals of GDPR.
Frequently Asked Questions:
Edenred processes employee personal information for over 33 000 clients in the Slovak Republic. This prohibits, in practice, conducting an efficient 1:1 dialogue with all clients about GDPR implementation. Therefore, in response to an increasing number of clients requests for more detailed infomation regarding Edenred products and services regarding GDPR compliance, we have started compiling a Frequently Asked Questions repository, which will be published in due course. While we are developing this, please email any question to firstname.lastname@example.org. When sending a question please indicate the Edenred product(s) you use and your company name.
If you require further infomation regarding Edenred´s GDPR Preparation, Edenred can work with you in more detail to provide you with more infomation. These requests may be subject to an NDA and may incur a fee depending on scope and size of the information or assistance request.