GDPR compliance: ThroughTek reaffirms commitment to protect personal data and privacy
Taipei, Taiwan — April 26, 2018
The EU General Data Protection Regulation (GDPR), which aims to strengthen the protection of personal data and applies to any organization across the world collecting and/or processing personal data of the EU residents, will be implemented on May 25, 2018. ThroughTek always treats people's privacy with care of the highest level and strives to improve data security according to the international standards. In line with the GDPR, ThroughTek will be working continuously to ensure data processing is in compliance with data protection laws.
GDPR requires organizations to adopt the following principles for their operations:
1. Lawfulness, fairness and transparency
2. Purpose limitation
Personal data can only be obtained for specified, explicit and legitimate purposes.
3. Data minimization
Data collected on a subject should be adequate, relevant and limited to what is necessary in relation to the purposes for which they are being processed.
Personal data must be accurate and where necessary kept up to date. Individuals have the right to request that inaccurate or incomplete data be erased or rectified.
5. Storage limitation
Information concerning identification of data subjects should not be retained longer than necessary.
6. Integrity and confidentiality
Personal data must be handled in a manner that ensures appropriate security of the data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage. In 2017, ThroughTek received ISO 27001:2013 Security Certification for its Kalay Platform’s cloud services and IT management systems.
Preparations in compliance with GDPR are well underway to ensure that ThroughTek products and services meet the requirements. Our team is working to review and expand our tools to help users understand their choices with respect to their personal data and maximizing control over their privacy.