The EU General Data Protection Regulation (“GDPR”) comes into force across the European Union on 25th May 2018 and brings with it the most significant changes to data protection law in two decades. Based on privacy by design and taking a risk-based approach, GDPR has been designed to meet the requirements of the digital age.
The 21st Century brings with it broader use of technology, new definitions of what constitutes personal data, and a vast increase in cross-border processing. The new Regulation aims to standardise data protection laws and processing across the EU, affording individuals stronger, more consistent rights to access and control their personal information.
Nexia International (Nexia) is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognise our obligations in updating and expanding this program to meet the demands of the GDPR and its subsequent integration into the UK’s Data Protection Bill.
Nexia is dedicated to safeguarding the personal information under our remit and in developing a data protection regime that is effective, fit for purpose and demonstrates an understanding of, and appreciation for the new Regulation. Our preparation and objectives for GDPR compliance have been summarised in this statement and include the development and implementation of new data protection roles, policies, procedures, controls and measures to ensure maximum and ongoing compliance.
Nexia aims to be fully compliant with the GDPR by 25th May 2018. Our preparation includes the following actions:
We ask you to provide necessary information relating to your staff for the purposes of running the network. This information is solely used to facilitate communications and processes approved by the international board of directors. Please ensure that you adhere to local regulations pertaining to providing this information about your people for processes by Nexia. Member firms are responsible for obtaining the consent and recording such consent for each employee that is represented on the Nexia website and for ensuring that their details are removed from the Nexia website when they are no longer employed by the member firm.
In addition to the policies and procedures mentioned above that ensure individuals can enforce their data protection rights, we provide easy to access information, via the Secretariat, of an individual’s right to access any personal information that Nexia processes about them and to request information about:
Nexia takes the privacy and security of individuals and their personal information seriously and takes every reasonable measure and precaution to protect and secure the personal data that we process.
Nexia has designated the Executive Manager as our Appointed Data Protection Person for the development of the data privacy and implementation our roadmap for complying with the new data protection Regulation. Everyone in the Secretariat is responsible for promoting awareness of the GDPR across the organisation, assessing our GDPR readiness, identifying any gap areas and implementing the new policies, procedures and measures.
Nexia understands that continuous employee awareness and understanding is vital to the continued compliance of the GDPR and we have involved our employees in our preparation plans. We have implemented an employee training program specific to GDPR which will be provided to all employees prior to May 25th, 2018, and forms part of our induction and annual training program.
If you have any questions about our preparation for the GDPR, please contact the Executive Manager via email at firstname.lastname@example.org or at the Secretariat in London.
Chief Executive Officer
18 May 2018
Missing R&D tax relief? Our member firm in #Scotland can help! https://t.co/gZscZExcTT
Discover the key topics discussed at the Nexia EMEA Tax Group Meeting 2018 (Spanish): https://t.co/PkEm1qgSSn https://t.co/7VPtnJA6oE
#Hungary As of 1 July 2018, it is obligatory to provide data of the invoices containing charged value added tax at… https://t.co/6eA8ycYLEG
Facts & figures
© 2018 Nexia International Limited. All rights reserved. The trade marks NEXIA INTERNATIONAL, NEXIA and the NEXIA logo are owned by Nexia International Limited.