Atea compliance with GDPR

GDPR (General Data Protection Regulation) is the EU regulation for the protection of personal data that came into force on May 25th, 2018 and it has replaced the 95/46/EC Directive for the protection of personal data. Regulation has strengthened the rights that EU citizens have over their personal data.

Atea values privacy, for both our customers and our employees. We are committed to GDPR compliance. To comply with GDPR requirements, Atea has evaluated all areas related to personal data across Atea:

  • Mapped and analyzed all systems/applications collecting personal data to make all systems GDPR compliant
  • Implemented new common Data Subject processes
  • Adjusted processes handling personal data – Services, IT, Sales, Marketing, HR to make processes processing personal data to be GDPR compliant
  • Evaluated services where we process personal data for our customers to sign Data Processing Agreements where needed
  • Evaluated vendors and sub-contractors to sign Data Processing Agreements where needed

In parallel to the GDPR implementation, Atea has evaluated all data centers, offices, and infrastructure based on ISO 27001 requirements for securing the best possible security of personal data. GDPR Awareness training has also been carried out for employees across Atea.

All Atea subsidiaries have implemented the same security controls and processes to unify the security level across the Atea Group.

To ensure continuous data protection and fulfillment of GDPR requirements, Atea has Data Protection Officers in all Atea subsidiaries and GDPR compliance will be monitored with regular audits.