On May 25, 2018, the EU’s General Data Protection Regulation (GDPR) became effective, replacing existing EU data protection laws based on the 1995 EU Data Protection Directive. The GDPR strengthens privacy rights for EU individuals and extends the scope of responsibilities for businesses processing personal data of EU individuals.
Aspect has taken the steps necessary to comply with the legislation and equipped our customers to do the same by the May 25th effective date.
Under the direction of Aspect’s global GDPR project team, Aspect closely analyzed the requirements of the GDPR and is made the necessary modifications to its products and services, contracts, and documentation to support GDPR compliance for our customers.
Aspect conducted a full information audit and data mapping exercise covering all personal information on data subjects processed by Aspect in its role as controller and processor. This effort included all processing activities undertaken by Aspect by itself and on behalf of customers through Aspect’s products and services. The level of detail included, but was not limited to, the purposes of processing, data subjects, categories of personal data, lawful bases for processing, location of data and retention periods.