GDPR: IT security and data protection at CM

GDPR: IT security and data protection at CM

2018 will bring some major changes in the legal landscape. One of these changes is the General Data Protection Regulation (GDPR), which comes into effect on May 25th 2018.

What is the GDPR?

The GDPR is one of the biggest changes in privacy legislation of the last decades. This new EU regulation replaces the current privacy laws in all EU member states and aims to protect the privacy of the European citizens. For that purpose, the GDPR obliges organisations to:

  • Ensure the security and confidentiality of all personal data they process
  • Minimise data storage
  • Provide transparent communication about any use of personal data 

The GDPR and CM

As a provider of electronic communication and transaction services, we process personal data for all our clients each day. Therefore, the GDPR and other upcoming changes in the legal privacy landscape have an impact on CM as well. That is why we have been closely monitoring these developments over the past years. We are constantly working on any adjustments or refinements needed to assure compliance with these new developments.

Ensuring compliance and providing a high level of data security is a top priority at CM. Over the course of 2017, CM has invested considerable efforts in certification of its procedures, in order to adhere to one of the key principles of the GDPR: accountability. Like many other companies controlling and processing data, CM will have to demonstrate its compliance. Accordingly, as part of our roadmap, we have acquired four ISO certifications that demonstrate the maturity of our processes in securing our CM Platform with continuous focus on IT Security. 

CM’s IT security and data protection

IT security and data protection are at the core of compliance with privacy legislation. At CM, we have been working hard to establish our privacy control framework, to review our processing procedures and to assess how we store and retain data in our systems using key GDPR concepts. These include, amongst others, privacy by default & design, data inventory and privacy impact assessments. our personnel receives continuous training and information to understand the meaning of privacy regulation and how this affects both CM and their work. Privacy by design is one of the key principles in the development of new services and improvements to our platform. 

You can rest assured that CM will continue to provide you with reliable and secure services. We will reach out to our suppliers and customers in Q1 2018 and share updated terms with regards to privacy and data protection.

For more in-depth information on how CM handles privacy and e.g. GDPR, continue reading here or visit the compliance page to find more on our approach to security and compliance in general. 


Enjoyed this article? Please share the news!




Continue reading

Next Improve engagement with mobile landing pages
Previous Innovative European financing for CM.com
Back To news overview

About the author

Charlotte van Raak is content marketer and makes sure our readers always have interesting blogs to read about how to engage with customers. During the day, she answers 1K questions in her role as communications advisor. At night she preferably sleeps.

Connect with Charlotte on

LinkedIn.