With the implementation of the EU General Data Protection Regulation (GDPR) coming into force today, we wanted to assure you that we are confident in our preparations and adherence to this new legislation.
Like many of our customers and partners, we have a global internal project team focused on reviewing Sophos data handling practices and policies across the business. We have undertaken projects such as:
- Training our employees on correct data handling
- Implementing procedures to process requests from those we hold data on
- Undertaking data protection impact assessments
In addition to our own data protection processes, we also require that anyone with whom we share personal data in order to provide our services shows an ongoing commitment to GDPR compliance, including demonstration of security diligence and having appropriate contractual terms in place.
If you need information about how Sophos has responded to GDPR, or an updated contract or other legal support, please visit our Sophos and GDPR page.
If you are still undertaking your own reviews and projects for compliance, don’t panic – visit the Sophos GDPR resources, which aim to help all organizations meet their commitments.
You can also follow the latest news and advice on GDPR via our Naked Security News service.
Protecting sensitive data is the core of our business, it’s what we do 24x7x365 for more than 300,000 customers worldwide. As a cybersecurity company we are constantly vigilant about the security of our own business and customer data. We value the trust our customers, partners, employees and investors place on us every day.
We recognize that maintaining compliance with GDPR is an ongoing commitment and our efforts will continue beyond 25 May 2018.