The GDPR Policy is a Data Protection legislation that is designed by the EU Data Protection Directive. Full GDPR rights for individuals: the right to information, right to access, right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object, right to automated decision-making, and profiling right.

These regulations aim to give consumers more control over their data. This is achieved by increasing fines for companies that do not take customer data security seriously to €20 million (4% of turnover) and growing consumer rights to access data stored by companies.

GDPR came into effect on 25 May 2018 and applied to all companies that store or process the personal data of EU citizens.

How GDPR Concerns you?

This policy affects you in such a way that when you use Deluxe Transfers, we store all your data of yours on our servers. Through this, our website gets access to your data, then issues documentation for your journey and ensures that you travel safely and smoothly. 

Responsibilities of a Customer

If you find any issue, ensure your complaint with the GDPR. In such a situation we recommend you to contact a legal professional regarding the policy if it’s affecting you in any way.

If you contact a legal; the ICO recommends 12 steps to go through;

Awareness: Make sure decision makers and key people in your organization know that the law is changing with the GDPR. 

Individuals rights: Make sure to check all the procedure ensuring that it covers all individual rights which include your data.

Subject Access: Update all your procedures according to and plan how you can handle request access.

Retention Information: You must document your personal data, where it comes from, and with whom it is shared. Organize it accordingly.

Consent: Always review how you seek and record for consent whether you need to make changes or not. 

Lawful Basis of Personal Data: Make sure to identify the legal basis for your data processing.

Transfer of Personal Information: You should review the current privacy notice and develop a timely plan for any changes necessary to implement the GDPR.

Data Protection by Design and Data Protection Impact Assessment: You should review the ICO Code of Practice and the latest Article 29 Working Group recommendations on Privacy Impact Assessment and determine how and when your organization will implement it. 

Data Protection Officer: You must designate who will be responsible for data protection compliance and evaluate how this role fits into your organization’s structure and governance practices. 

Children: Be careful before putting your system in hands of underage and obtain parental guardian rights before any processing of data.

Data Breaches: Make sure you have and you use the right procedure to detect reports and investigate the personal matter.

International: If your organization operates in more than one EU member state, you must identify the main data protection supervisory authority. 

If you have any questions please use our Contact Us page alternatively.