GDPR Statement
At Bureau Certification, we take our data protection responsibilities very seriously. We have taken all necessary steps to rigorously adhere to the EU General Data Protection Regulation (known as the GDPR).
Bureau Certification is a controller over the personal information we use to deliver professional certification and training services. This is because we make our own independent decisions about what personal information we need to deliver these services, and we decide what happens to this information.
In particular, we decide how personal information is used in delivering audits and when deciding upon certification by the standards imposed by Accreditation and Regulatory Bodies.
More information about how Bureau Certification uses personal information in its role as a controller is available in our Privacy Notice.
In addition to updating our Privacy Notice, we have also taken the following steps to achieve compliance with the GDPR:
We have conducted an internal audit of our use of personal information, to better understand our data flows and assess our legal basis for using personal information
We have reviewed our existing processes and procedures for handling personal information
We have updated our information security systems
We have trained all members of staff on data protection and GDPR
The way we operate our newsletter has not changed substantially. Subscribers have always had, and will retain, full control over whether or not they wish to continue receiving our In-Touch newsletter. We will continue to only issue this newsletter to our contacts who have signed up (or opted-in) to receive, and subscribers can unsubscribe at any time.
If you have any queries about this statement or our approach to data protection matters, please contact our data protection officer at info@bureaucertification.com
Updated: 16th April 2021