GDPR

GDPR Statement

In May 2018, the EU General Data Protection Regulation (GDPR) replaced the 1995 EU Data Protection Directive (European Directive 95/46/EC).

Leenix Ltd is (and has always been) committed to ensuring policies and procedures are in place to ensure client data privacy and are registered with the Information Commissioner’s Office ICO).

We welcome the GDPR as an important step forward in streamlining data protection requirements across the EU and as an opportunity for Leenix Ltd to deepen our commitment to data protection.

In accordance with GDPR, Leenix’s ongoing compliance efforts include:

Assessment

Leenix Ltd has carried out risk assessments on our procedures to identify any areas of concern regarding data privacy. This has covered a full review as to how, during the course of our daily business, we collect, use, store and dispose of personal data.

Leenix Ltd is aware that such assessment is an ongoing process.

Contractual Commitments: Customers & Suppliers

Compliance with the GDPR requires a partnership between Leenix Ltd and our customers in their use of Leenix services. In so much as Leenix Ltd provides such requested services, we will generally act as a data processor and our customers will generally act as a data controller.

Working together, we hope to explore opportunities to assist our customers meet their GDPR obligation but we encourage our customers to independently familiarise themselves with the GDPR. It is the responsibility of the data controller (and not the data processor) to ensure any such request meets their obligations. For example, in the issuing of contractual documentation for requested services.

Leenix Ltd has reviewed its supplier contracts to ensure GDPR compliance throughout its supply chain.

Employee Training

All Leenix Ltd employees have undertaken data privacy and security training and understand their personal responsibilities. This is an ongoing process and we will continue to provide training covering a variety of topics, including data protection, security, privacy and risk evaluation.

Rights of the individual

As part of GDPR, Leenix Ltd acknowledge the rights of the individual:

  • to obtain information regarding the personal data we store about them
  • to obtain information regarding how we store and process their personal data
  • to obtain information regarding how long their personal data is held
  • for the processing of their personal data to be compatible with the consent they provided
  • to ensure the stored personal data is kept up to date
  • to request for their personal data to be deleted and/or forgotten
  • to be made aware of the risks, rules and safeguards in place

Types of data

Leenix Ltd is committed to ensuring the privacy of all personal data. We have identified two types of personal data we process:

1. Business Data: personal data we use in the day to day running of the company.

2. Project Data: personal data that is processed via the project requests made by our customers.

Storing data

All data held by Leenix Ltd is secured by numerous security measures. We block all public access to our systems with the exception of protocols required to deliver websites we host.

We take a multi-layered approach to security on our infrastructure. Using a collection of well known and tested security measures, along with some bespoke adaptations, to keep our customers data safe from unauthorised access.

Where appropriate we will inform and advise customers about secure transport layers such as SSL, implementing these into the services we provide to them.

We offer a fully managed service, with only key employees having access to our systems in order to provide essential maintenance and development activities.

As a data controller for our ‘Business Data’, we ensure our data processors are GDPR compliant.

Ensuring data compliance

When processing data, we undertake the following:

  • The processing is lawful, fair and transparent
  • Data is collected and used for a specific & transparent purpose
  • Data is accurate and up to date
  • Data is kept safe and secure
  • Where personal data is processed as part of ‘Services Data’, this is on behalf of a client and still part of strict privacy controls.
  • We ensure our suppliers have procedures in place
  • We have a rapid response notification procedure in place for any breach

Latest News & Blog

Postfix limit mail to predefined IPs for specific domains

2023-02-20

HOWTO: Accepting email from only a predefined whitelist of IPs for specific subset of domains in Postfix.

CSS Tricks: Using images as checkboxes in your html forms

2018-12-07

How to use replace the default checkboxes in your forms with custom images

Unable to install php7.2-zip on Ubuntu 18.04

2018-10-02

Opps -- missing repo

Contact Leenix to discuss how we can work alongside you and your business.