Next Gear Solutions has reviewed its systems and processes to ensure that we are compliant with the General Data Protection Regulation (GDPR). The GDPR is a regulation that requires businesses to protect the personal data and privacy of European Union citizens for transactions that occur within European Union member states.
Next Gear Solutions relies on Amazon Web Services (AWS) for hosting its software platform in the European Union. AWS is the ‘controller’’ for the NGS systems and AWS is compliant with GDPR.
Furthermore, in order to comply with Article 17 of the GDPR, Right to Erasure, commonly known as “Right to be Forgotten”, Next Gear has established a process that allows for data pertaining to EU citizens to be deleted or obfuscated upon written request. When that request is received and confirmed, Next Gear Solutions will identify those records and data that contain the customer information, and permanently delete the relevant data from its systems.
Next Gear Solutions maintains data backups for up to 14 days, but subsequently, that data will be permanently erased after that period from backup stores. Upon completion of the erasure of data, Next Gear Solutions will notify the requesting company of its completion.
Next Gear Solutions takes it responsibility to data security very seriously and tightly controls access and where it is stored.