We acknowledge that privacy and privacy considerations play a vital role in our products. Compliance with the GDPR and related legislation is therefore a top priority for Spond. In addition to our internal resources, we use external privacy law experts and compliance technology.

While we see privacy compliance as continuous process, the main pillars of our privacy compliance efforts are:

  1. We make privacy assessments prior to and during development of new features and services

  2. We document our assessments and considerations

  3. We are transparent about how we process personal data

  4. We focus on competence and awareness within the organisation through training

More formally, in order to meet the legal requirements of the GDPR and other relevant privacy regulation, we have implemented an internal control system structured as follows:

The Steering documentation describes Spond's privacy strategy, roles and responsibilities and main principles of processing of personal data.

The Privacy policies and procedures describes procedures and work instructions that Spond have in place in order to process personal data in accordance with Spond’s privacy strategy and relevant privacy legislation.

The Monitoring documentation provides a check lists of privacy issues which Spond’s Data Protection Officer (“DPO”) must review at least annually to maintain an ongoing focus on privacy. The purpose of the check lists is to verify that the processing of personal data is carried out as described in the steering documentation, the privacy policies and procedures and relevant legislation.

If you have any further questions you can contact our DPO at privacy@spond.com.

Read more about GDPR at europa.eu

Did this answer your question?