RAW IT, a leading provider of IT services, is GDPR compliant in accordance with EU legislation. GDPR (General Data Protection Regulation) is a regulation from the EU that aims to protect personal data and the privacy of EU citizens.
As an organization that processes personal data on behalf of our customers, we have worked hard to ensure that our systems, processes and procedures comply with the strict requirements of the GDPR. We have conducted a comprehensive review of our data protection processes and implemented the necessary changes to ensure that we are fully compliant with the regulation.
RAW IT has always prioritized data protection and confidentiality, and our commitment to protecting our customers' data will continue. We will continue to monitor our systems and processes to ensure that our data protection practices are in line with the latest standards and best practices.
Data processor agreement
Since 25 May 2018, it has been a legal requirement to enter into a data processing agreement when one company gets another company to store and process personal data.
The data processing agreement is part of our general terms and conditions, and is based on a template prepared by the Norwegian Data Protection Authority.
RAW IT only stores and processes personal data categorized as "Ordinary personal data", examples of ordinary personal data include: Name and address, e-mail address, telephone number and picture.
You can find an example of our data processing agreement. here , however, the agreement is adapted to the individual customer according to sub-processors. You can find guidance for data controllers and data processors at, among others, the Danish Data Protection Agency.
The data processing agreement describes, among other things:
- What types of personal data we process
- What treatments we carry out
- What the purpose of the treatment is
- What the duration of the treatment is
- How we meet the requirements for secure data processing
- How we live up to the rights of data subjects
