Skriv ut siden

Preparing for GDPR as Controller

Visma process data about employees and customer contacts/users. In a few occasions, we may also process data about others. This is natural when running a software business. Our main efforts making sure we are compliant, are related to being transparent.  Enabling our employees and customer contact persons to understand why, what, when and how their personal data are processed. Our customer contact persons will find this information in our Privacy Statement.

As a Controller, Visma maintains catalogues of our processing activities which is the core of our internal control system. These catalogues describe why, how and when we process personal data. This work is done on a legal unit level (Visma subsidiaries) supervised by the DPO, and is based on corporate policies and guidelines issued by the DPC.

We are also ensuring that all data protection agreements (DPA) with subcontractors are sufficient in terms of protecting the rights of data subjects, as well as complying with provisions for transfer of data outside the EU/EEA as set out in the GDPR.

Utilising the power of digital marketing technology is key to Visma going forward. This involves creation of interest profiles such that only relevant information can be presented to stakeholders. Visma protect the rights of persons being exposed to this by explaining what we do and ensure the legal grounds for processing personal data for this purpose. In addition we will increase efficiency for stakeholders wanting to adjust their interest profiles, as well as withdrawing consent.

We use cookies to collect information on your interaction with our website and combine this with the data you provide us to build a profile so we can show you content tailored to your interests. By accepting, you allow us to collect and process your personal information as described here.