Our commitment to the General Data Protection Regulation (GDPR)


GDPR (General Data Protection Regulation) is the new EU regulation for protection of personal data that came into force at May 25th, 2018 and are the greatest change in data protection regulation over the past 20 years. It has replaced the 95/46/EC Directive for protection of personal data and will strengthen the rights that EU citizens have over their personal data.

Atea values privacy, for both our customers and our employees. We are committed to GDPR compliance.

To be ready an Atea GDPR Group Program has during last two years evaluated all areas related to personal data across Atea to be ready and compliant with GDPR.

o Mapped and analysed all systems holding personal data to make all systems GDPR Ready
o Implemented new common Data Subject processes
o Adjusted processes handling personal data – Services, IT, Sales, Marketing, HR to make processes holding personal data to be GDPR Ready
o Evaluated services where we process personal data for our customers to implement Data Processing Agreements where needed
o Evaluated vendors and sub-contractors to implement Data Processing Agreements where needed

In parallel to the GDPR implementation, Atea has evaluated all data centres, offices and infrastructure based on ISO 27001 requirements for securing the best possible security of personal data. GDPR Awareness training has also been carried out to employees across Atea.

All Atea subsidiaries have implemented the same new controls and processes to unify the security level across the Atea Group.
To ensure continuous data protection and fulfilment of GDPR requirements, Atea has Data Protection Officers in all Atea subsidiaries and GDPR compliance will be monitored with regular audits.