GDPR stands for General Data Protection Regulation. It is the European Union Regulation which replaced the Data Protection Directive (DPD). GDPR was approved by the EU Parliament on 14th April 2016 and involves the protection of personal data and the rights of individuals. Its aim is to ease the flow of personal data across the 27 EU member states. GDPR came into effect on 25th May 2018.

GDPR introduced 8 fundamental rights. These are:

MeDirect developed and implemented a GDPR compliance programme. As part of the programme, different initiatives are carried out on a continuous basis with both customers and employees. These include:

MeDirect ensures that your data is stored securely. Therefore, we have implemented and constantly updated our technologies to ensure that your personal data is protected from unauthorised access, unauthorised modification or loss. In instances where a third-party provides a service to MeDirect we ensure that they are contractually bound to implement adequate information security controls, including encryption, to safeguard access to your data. Data provided to those third-parties shall only be utilised for the sole purposes stipulated in the contractual agreement.

We have updated our Privacy Notice to reflect GDPR requirements. The Notice provides an explanation of what information we gather about you, what we use the information for and who we give the information to. The Privacy statement also sets out your rights as a Data subject and provides the MeDirect point of contacts to clarify any questions you might have on Data Privacy.

GDPR requires that at least one of the following six ‘lawful basis’ conditions applies, in order for us to process your data:

GDPR requires that at least one of the following six ‘lawful basis’ conditions applies, in order for us to process your data: