Responsibilities as a customer?
Creative Networks customers will typically act as the data controller for any personal data they provide to Creative Networks in connection with their use of our services. The data controller determines the purposes and means of processing personal data, while the data processor processes data on behalf of the data controller. Creative Networks is a data processor and processes personal data on behalf of the data controller when they use the Creative Networks Managed Services.
Creative Networks provides access to third party services who in their regard act as Data Processors.
Creative Networks is a Data Controller in its own regard when we hold specific data about our customers in order to provide our services.
Data controllers are responsible for implementing appropriate technical and organisational measures to ensure and demonstrate that any data processing is performed in compliance with the GDPR. Controllers obligations relate to principles such as lawfulness, fairness and transparency, purpose limitation, data minimisation, and accuracy, as well as fulfilling data subjects rights with respect to their data.
If you are a data controller, you may find guidance related to your responsibilities under GDPR by regularly checking the website of your national or lead data protection authority. In the UK this is the Information Commissioners Office.
As a Data Controller, you should seek independent legal advice relating to your status and obligations under the GDPR, as only a lawyer can provide you with legal advice specifically tailored to your situation. Nothing on this website is intended to provide you with, or should be used as a substitute for, legal advice.
Where should you start?
As a current or future customer of Creative Networks, you need to be prepared and compliant with GDPR. Here are some considerations:
- Familiarise yourself with the provisions of the GDPR.
- Create an updated inventory of personal data that you handle. You can use Creative Networks to help identify and classify data.
- Review your current controls, policies, and processes to assess whether they meet the requirements of the GDPR. If not, build a plan to address any areas that need amending.
- Consider how you can leverage the existing data protection features on Creative Networks as part of your own regulatory compliance framework.
- Regularly Monitor updated regulatory guidance as it becomes available.
- Consult a lawyer to obtain legal advice specifically applicable to your business circumstances.