Carnegie Dartlet is ready for the implementation of the EU General Data Protection Regulation (GDPR) on May 25, 2018. Carnegie Dartlet has reviewed and updated its: privacy policies; consents for the collection of personal data; and internal data handling procedures. As a result, we are prepared for and committed to GDPR compliance as of that date. Carnegie Dartlet has a group assigned to oversee its GDPR readiness, implementation, and ongoing compliance.
Carnegie Dartlet’s GDPR compliance and implementation efforts include the following:
Carnegie Dartlet is reviewing where and how our relevant services collect, use, store and dispose of personal data and updating policies, standards, governance and documentation as needed.
Working in conjunction with our partners and customers, Carnegie Dartlet is reviewing our contractual commitments and updating them as necessary to directly address GDPR requirements. Carnegie Dartlet is also reviewing its supplier and customer contracts to ensure GDPR compliance as both a data controller and a data processor.
Employee Training and Awareness
Key Carnegie Dartlet employees have been briefed on GDPR requirements and compliance. Through detailed internal education and policy development and training, the Carnegie Dartlet team is prepared for the requirements of GDPR.
Carnegie Dartlet Partners
Compliance with the GDPR requires a partnership between Carnegie Dartlet and our partners in their use of applicable Carnegie Dartlet services. In this context, Carnegie Dartlet generally will act as both a data processor and as a data controller. Depending on the source and use of personal data, our partners may act in one or both of their capacities. Carnegie Dartlet is committed to working without our partners to maintain GDPR compliance as personal data is collected, shared, stored, maintained and utilized.
Carnegie Dartlet Contact
Carnegie Dartlet has named Meghan Dalesandro, the company’s Chief Operating Officer, the key point of contact for concerns or questions related Carnegie Dartlet’s compliance assurance, procedures, and any inquiries related to data management under these guidelines.