In order to comply with GDPR, Euroclear Sweden has conducted a full assessment of impacts in our infrastructure, business and development setup.
To ensure compliance with the General Data Protection Regulation, we have initiated a project covering several sub-streams such as for example security, contracts and awareness.
We are taking a whole range of actions to comply with GDPR, of which the most important are:
- Implementing procedures for tackling efficiently data subjects’ rights/requests
- Creating processes to safeguard the rights of registered persons to information, inspection, electronic access to data, correction of incorrect information and deletion of personal data.
- Introducing data protection by default and data protection impact assessment when developing and updating our systems.
- Ensuring that all processing of personal data is done based on legal ground.
- Reviewing our contracts with data processors and ensuring that they follow the requirements of GDPR.
- Developing our list of systems and registers of personal data to comply with GDPR.
- Creating procedures for reporting, documenting and addressing any personal data incidents.
- Ensuring that impact assessments in respect of personal data processing are conducted when significant changes are made to our products, systems or business.
- Creating awareness about GDPR with internal e-learning and training.