Community Living Central York (CLCY) is committed to ensuring that its services comply with the European Union’s newly enacted General Data Protection Regulation (“GDPR”). The GDPR is a law that is designed to ensure European individuals’ rights to privacy and the protection of their personal data. CLCY is actively implementing procedures and processes that are designed to ensure that CLCY’s outreach to, and collection of data from, European individuals will be fully GDPR compliant.
Under the GDPR, CLCY is a “data processor” on behalf of its customers, who are the “data controllers CLCY will ensure that it solely processes European personal data as permitted by the GDPR, such as facilitating CLCY’s services to its customers. The GDPR requires that all processing have a lawful basis, and CLCY will be working with its customers to ensure that this lawful basis adequately covers all of CLCY’s processing activities. The intent of this collaborative effort is to ensure that both CLCY and its customers remain GDPR compliant when CLCY’s services involve outreach to, and the collection of data from, European individuals.
Finally, CLCY has actively engaged each of its service providers to obtain the necessary assurances that all sub-processing of personal data by those service providers complies with the GDPR. CLCY will make information about its subprocessors available to its customers, including notifications regarding any new subprocessors, on this webpage.
CLCY will provide further updates and information about its GDPR compliance efforts as needed, in the form of updates on this website. If you have questions CLCY’s GDPR compliance, please contact us at firstname.lastname@example.org.
Categories of subprocessing
Subprocessors assist CLCY in a few key areas:
- cloud hosting/storage
- smtp email services
- email automation