Introduction: The General Data Protection Regulation (“GDPR”) is a regulation in EU law on data protection and privacy for people in the European Union. The GDPR is an effort primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. The GPDR takes effect on May 25, 2018. While ThinkMed Consulting does not actively market to, solicit information from or sell/ship to individuals in the EU, below are details on changes we’ve made to comply with GDPR.
The GPDR provides individuals with the “right to be forgotten”. Organizations must comply with an individuals request for access to their personal information to update, retrieve or delete this information. Any such request can be directed to info@thinkmedconsulting and we will assist you in complying with these requests.
Our data collection vendors offer the functionality to allows customers flexibility on when contacts are added to ThinkMed Consulting database and to provide an opportunity for acceptable GPDR opt-ins.
GDPR limits the time an organization may retain data to “no longer than is necessary for the purposes for which the personal data are processed”. If there is a reason to discuss your data storage needs, please email us at info@thinkmedconsulting.
ThinkMed Consulting and its divisions maintain strict controls on data access. Permissions are strictly controlled by the ThinkMed Consulting Board of Directors. Customer data is anonymized whenever possible.
Vendor Obligations and Subcontractors: To support and enable delivery of our services to customers, we hire vendors to help us process our customers’ data. Some of these vendors provide our data storage and infrastructure and are an integral part of the services we provide while others provide important account management assistance. We will provide a list of our subcontractors to customers upon request.