GDPR: Privacy is a core value for us.
Safeguarding personal data is integral to the way we conduct our business. Manag-E respects the privacy of our customers, employees and other stakeholders.
Manag-E Nordic AS is committed to complying with all relevant laws, regulations and rules, both in Norway and in international arenas where our solutions are used.
In recent years, there has been an increasing focus on data protection, driven both by cybercrime such as identity theft and data leaks/hacking on the one hand, and national and international legislation such as GDPR on the other. Generally speaking, this is about protecting people's data from misuse, but there's more to it than that. And Manag-E can help with several aspects of data protection.
We can divide the IT area that encompasses privacy into three:
- Processes: Processes for collecting, storing, updating and disposing of data; processes for monitoring data protection measures; processes for reporting/following up on data breaches; processes for assessing the privacy impact of software or databases (data protection impact assessment, DPIA).
- Data: Data about employees, data about customers, data about other connections; data that you store for others; what data do you really need?
- Agreements: Agreements with customers and suppliers on the storage and processing of data
Manag-E Nordic AS works specifically with the process area, both as an advisor and as a supplier of software for many aspects of these processes. It can be anything from data protection (encryption) to discovering where privacy-related data is located, to structuring a process in a process tool as a support for performing the processes. Combined with automation of some or all of these processes, a high level of data protection can be achieved without being too costly either financially or in terms of time.
Manag-E and privacy
Safeguarding personal data - privacy - is a core value for Manag-E and is integral to the way we conduct our business. Manag-E respects the privacy of our customers, employees and other stakeholders.
We take seriously our responsibility to ensure that the data we hold and process is accurate, used properly and secured by complying with internal privacy policies, applicable laws and contractual obligations. Our approach covers the entire lifecycle of this data, including collection, processing, use and disposal (deletion). We manage our own customers' and employees' data, process personal information on behalf of our customers, and provide solutions that enable our customers to collect and process personal data. We are committed to accountability and seek to maintain a robust privacy program.
Data protection legislation (GDPR regulation)
In May 2018, the GDPR came into force in the EU, and corresponding legislation for Norway came into force during July the same year. The Norwegian Data Protection Act (which builds on and refers to the GDPR) affects both data controllers (organization that determines the purposes and means of processing personal data) and data processors (organizations that process personal data on behalf of a data controller).
The General Data Protection Regulation (GDPR) affects Manag-E Nordic AS both as data controller and data processor. Manag-E acts as a data controller, for example when we process data about employees and business associates, and as a data processor when we process personal data on behalf of and under the instruction of our business customers through the provision of our products and services. Not least when we provide software as a service (SaaS).
Manag-E's approach to GDPR
Manag-E recognizes the importance of the GDPR and the significance of the changes it brings to us and our business customers. Privacy, data protection and security are at the core of our business and we are taking steps to ensure that our products and services meet the GDPR requirements from May 2018. As a data processor, it is our main goal to ensure that our business customers consider Manag-E as a partner in fulfilling the data protection requirements resulting from the GDPR.
Manag-E and GDPR compliance
Manag-E does not have its own GDPR "Compliance Program", but works with privacy under the leadership of the company's general manager. GDPR has been reviewed throughout the organization for the most important functions and processes. The GDPR team has conducted a privacy impact assessment in accordance with the GDPR, and focuses on (i) analyzing and addressing the impact of the GDPR on Manag-E's activities and (ii) improving Manag-E's information security, privacy and data protection routines to satisfy Norwegian and international requirements based on the GDPR.
Looking for a digitization partner?
By choosing Manag-E as your digitization partner, you ensure not only powerful tools, but also a dedicated organization with extensive experience in the field. Our seasoned team, with over 100 years of industry experience between them, supports our customers throughout the entire delivery process, even long after the implementation of the tools has been completed. Because if there's one thing we know, it's that every organization will need to change and evolve in the future.
We place great emphasis on establishing multiple points of contact for your business, from dedicated operational support to strategic advice and development. This allows us to work closely with you to realize joint ideas, implement improvements, and further develop the product and implementation in line with your future needs. We have the capacity and expertise to follow up on multiple levels and we are dedicated to ensuring our customers' success.
Benefit from a dedicated organization that has been finding digitalization solutions for the past 25 years.
Get in touch with us and let's find out what we can achieve together.