Atea compliance with GDPR

GDPR (General Data Protection Regulation) is the EU regulation for protection of personal data that came into force at May 25th, 2018 and it has replaced the 95/46/EC Directive for protection of personal data. Regulation has strengthen the rights that EU citizens have over their personal data.

Atea values privacy, for both our customers and our employees. We are committed to GDPR compliance. To comply with GDPR requirements, Atea has evaluated all areas related to personal data across Atea:

  • Mapped and analysed all systems/applications collecting personal data to make all systems GDPR compliant
  • Implemented new common Data Subject processes
  • Adjusted processes handling personal data – Services, IT, Sales, Marketing, HR to make processes processing personal data to be GDPR compliant
  • Evaluated services where we process personal data for our customers to sign Data Processing Agreements where needed
  • Evaluated vendors and sub-contractors to sign Data Processing Agreements where needed

In parallel to the GDPR implementation, Atea has evaluated all data centres, offices and infrastructure based on ISO 27001 requirements for securing the best possible security of personal data. GDPR Awareness training has also been carried out to employees across Atea.

All Atea subsidiaries have implemented the same security controls and processes to unify the security level across the Atea Group.

To ensure continuous data protection and fulfilment of GDPR requirements, Atea has Data Protection Officers in all Atea subsidiaries and GDPR compliance will be monitored with regular audits.

Bruno Jänes
Teenuste- ja müügi arendusdirektor