Yes. We carried out a full programme of activities in relation to GDPR compliance in the run up to implementation and the period since. Protecting our customers’ data is a fundamental priority for Bink. GDPR gave us a great opportunity to deepen our commitment to data protection. We made changes to Bink policies, processes, documents and systems to ensure that we comply with the requirements of the regime and continue to put the rights of our customers in relation to their data first. Bink also works closely with our retailer partners to help them to meet their requirements under GDPR in relation to the services we provide.
As an organisation that will process significant amounts of personal data (e.g. name, partial card details, email address) Bink made a number of material changes in order to ensure that we are compliant with GDPR.
This includes:
- Mapping all personal data processed by Bink and our third-party suppliers
- Carrying out a gap analysis of GDPR requirements against our then-current systems, documentation, processes and policies
- Making changes to those systems, policies, processes and documentation in line with the new requirements
- A comprehensive update of our customer facing Privacy Policy – this is the document which would be provided to customers when they enrol for Bink
- Reviewing and updating third party contracts, as and where appropriate
- Training employees on the requirements of GDPR and Bink’s data protection procedures