Privacy Policy

On 25 May 2018, the EU General Data Protection Regulation (GDPR) will come into force, reflecting the importance of data protection in our increasingly digital world. MPB Structures Ltd is a UK Based organisation and for us it is important that the personal information of our customers and our own people is handled in accordance with GDPR.

The new regulation replaces the existing patchwork of directives and national legislation and brings a degree of long-anticipated consistency to the data protection landscape in Europe. This is setting the benchmark for other regions and many countries are following suit with equivalent arrangements. GDPR embodies the well-recognized privacy principles of transparency, fairness, and accountability.  GDPR also seeks to introduce a risk-based approach that enables innovation and participation in the global digital economy while respecting individual rights.

In our view, the digital economy can only flourish when you connect people, process, information and devices in an ethical, meaningful and secure way. That includes creating an environment in which everyone can easily do business and know their data is safeguarded. We are committed to helping our customers and partners by protecting and respecting personal data, no matter where it is from or where it flows.

What is MPB Structures doing to be GDPR-ready?

As part of our continuous focus on information security and data privacy we are getting ready for GDPR through a managed programme of activities in the following areas:
 
 

Privacy by Design

Integrating data protection, privacy, and security requirements into product design and development methodologies. Embedding privacy requirements in the development cycle from ideation to launch, to validation. In short, we use privacy engineering techniques to evaluate and build better offerings to turn privacy by design policies into actions and tangible improvements.

 
 

Third party management

Ensuring that MPB Structures valued partners and suppliers are best able to meet their obligations with respect to data privacy and establishing transparent arrangements through appropriate information sharing agreements. When we work with new suppliers or with long established strategic partners we look to apply industry leading standards that safeguard personal information.

 
 

Policies and procedures

Reviewing standards and processes to define the personal information lifecycle and help ensure data transparency, accuracy, accessibility, completeness, security, and consistency. Our Privacy Policy reflecting GDPR requirements sets the context for how we obtain, store and use information relating to our customers and our own people.

 
 

Information Security

Reviewing and improving our enterprise-wide information security framework, ensuring that incident response process remains effective and that confidentiality, integrity and availability of personal information is assured through appropriate technical and organisational measures

 
 

Information Governance

Mapping our data and identifying what we have, what we are doing with it, where it is, where it flows, and who has access to it. We classify data based on risk and sensitivity in context. That risk is data-led/ person-led allowing us to focus on the outcome and purpose of processing leads to a better and more holistic risk profile and informs the commitment of data privacy that we make to our customers.

Further information

As controllers we are responsible for complying with the relevant requirements under the General Data Protection Regulation (“GDPR”) in respect of the personal data that we hold in connection with the contractual relationship. We are taking steps to ensure that we meet these GDPR requirements by 25 May 2018.

As part of our GDPR Readiness activities and as required by the regulations we are updating our analysis of processing activities as part of our continuous review of how personal information is handled across our business operations, products and services. As work progresses our customers will be updated with key information including: