GDPR

Certified under the international standard ISO 27701 for privacy information management in compliance with the GDPR.

GDPR Program Overview – Verifiable Trust
The goal of the iland General Data Protection Regulation (GDPR) program is to ensure that customers (Controller entities) have assurances of regulatory oversight as well as the ability to perform direct audits of iland as defined under Article 28 of the GDPR regulation.

It is important to understand that the GDPR is not just an IT function but a high-level organizational activity that encompasses the entirety of an organization, from IT through Marketing to Development and Quality Assurance down to the very end user, the Data Subject.

iland can best evidence iland’s compliance with the GDPR with iland’s ISO 27701:2019 Privacy Information Management certification as well as iland’s registrations with various EU and UK data protection authorities.

Risk, Privacy and Security
At the foundational level iland operates in accordance with international standards around privacy and security. These foundational pieces include:
ISO/IEC 277001
Privacy Information Management
PM 724484

ISO 27701
The international standard for security techniques and privacy information management systems (PIMS), ISO 27701 is an extension of ISO 27001. ISO 27701 ensures that an organization you are working with adheres with the General Data Protection Regulation (GDPR) as a Controller and/or a Processor of personal data.

iland maintains an ISO 27701 certification for iland’s activities as a Processor of personal data for our customers. We are very proud of our results and customers may request a copy of iland’s ISO 27701 certification to review iland’s commitment to GDPR compliance and data processor activities.

ISO/IEC 27001
Information Security Management
IS 647921

ISO 27001
The international standard for information security and risk management, the ISO 27001 certification ensures that the organization you are working with adheres to the best practices for data protection as well as extensive risk management evaluations.

iland maintains ISO 27001 certifications for its data centers as well as full corporate review and certification of its operations. We are very proud of our results and customers may request a copy of iland’s ISO 27001 certification to review iland’s commitment to information security and risk management.

The iland Approach

iland has taken an aggressive risk-based approach utilizing ISO 27001, ISO 27701, SOC2, and CSA standards to ensure proper governance and management of risk and security for all data collection and processing.

Additionally, customers of iland are encouraged to review iland’s third-party auditor certificates and reports as well as ask for more details regarding iland’s privacy management system and approach to GDPR compliance. iland’s compliance documentation is made available to customers to ensure that as a Processor, iland is transparent and can meet the Controller’s compliance needs.

Legal
As a Processor, iland has Data Processing Agreements (DPA) with Standard Contractual Clauses (SCCs) available for execution with Controllers upon request via iland’s legal team. Additionally, iland has a Data Protection Officer (DPO) to manage iland’s relationship with EU and UK Data Protection Authorities, handle Data Subject requests, and manage breach notification processes.
iland Data Protection Officer (DPO) Contact Information:
Office of the Data Protection Officer
ATTN: iland GDPR

Office of the DPO:
GRCI Law Limited
Unit 3, Clive Court, Bartholomew’s Walk, Cambridgeshire Business Park, Ely CB7 4EA, United Kingdom

Expert Compliance Services
The iland Secure Cloud platform provides many of the control mechanisms and reporting needed to address compliance requirements. However, both configuring the environment according to your needs – and sifting through the paperwork of an audit – is best done hand-in-hand with an iland certified compliance professional.

Learn more

Join the companies doing great things with iland

UK Client Testimonials