General Data Protection Regulation
(GDPR) Compliance Statement

The new European Union General Data Protection Regulation (GDPR) is the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April
2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, coming into force on May
25, 2018. GDPR sets new standards and compliance requirements for every company that holds or processes personal data. It replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data. The new European Union General Data Protection Regulation (GDPR) is the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, coming into force on May 25, 2018. GDPR sets new standards and compliance requirements for every company that holds or processes personal data. It replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data.

Blue Card Visa, having its representative offices in the UK and Germany are committed to high standards of information security, data privacy, and transparency, and to
managing data in accordance with legislation and regulation, including but not limited to GDPR. Blue Card Visa attests that it will comply with applicable GDPR regulations, while also working in conjunction with our customers, the data controllers, to help them meet their GDPR obligations.

Blue Card Visa has three main areas of focus in preparing for GDPR:

  1. Building on existing security and business continuity management policies, processes and controls, to ensure compliance.
  2. Performing gap and privacy assessment to support GDPR compliance for its customers, who use the Blue Card Visa services for their end users.
  3. Provision of services to help customers to understand and prepare for GDPR, develop.

Blue Card Visa officially states that it will achieve GDPR-compliance for itself and its services and provide all required means for its customers to be able to be GDPR-compliant prior to May 25, 2018.

Blue Card Visa is committed to providing solutions to support its customers’ GDPR obligations, whether through standard features or modifications or enhancements of its features and configurations. To this end, Blue Card Visa already does and will continue to offer:

  • Improved data availability, privacy (including encryption both at rest and at transit).
  • Use of industry-leading and security-certified cloud infrastructure providers and data centers with a high level of security, data confidentiality, integrity, and availability.
  • Continuous monitoring and auditing of logged events.

Furthermore Blue Card Visa attests that: all Blue Card Visa staff are familiar with GDPR and their personal responsibilities and are adequately trained upon induction and annually (or sooner if there is a major legislation change); the Privacy Policy and Terms of Service for its services are accurate, written in plain language and provide sufficient detail on what information is selected, how it is used and what is and is not acceptable use of the service; processing is lawful, fair and transparent; Data is collected for a specific purpose and the data is necessary for the purpose, can be kept accurate by means of the service features and not kept for longer than necessary; Data and infrastructure are kept secure; Blue Card Visa does not process sensitive information; Blue Card Visa has a notification process in case of breach.

The Blue Card Visa DPO can be reached at privacy@bluecardvisa.com

To Download the (GDPR) Compliance Statement please log in to your account.

© Copyright 2019. The contents contained in this website are copyright protected. Except with the prior written permission of the Management and/or other relevant copyright owner. No person may download, duplicate, reproduce, edit, publish, make available or disseminate through whatever means this website or any content contained in whole or in part.