We respect your privacy and are committed to protecting your personal data
Being one of the UK’s leading suppliers of accounting, finance and accounts, payroll and recruitment process outsourcing services, we are committed to implementing the GDPR. Our team ensures that our clients and our businesses are prepared for GDPR before we commence the processing. We are an ISO 27001 and ISO 27701 compliant organization, and these standards validate the measures we have taken to;
BSI Case Study
QX Accounting Services has always honoured its clients’ right to data privacy and protection. We are the first outsourcing company in India to become GDPR compliant.
GDPR impacts data controllers and data processors alike, making it imperative for outsourcing companies (as data processors) to ensure that their data processing activities are carried out in accordance with the data protection principles set out in the GDPR. Failing to get data protection right is likely to damage your reputation, your customer relationships and, ultimately, your finances.
As the 1st GDPR compliant outsourcing company in India, we want our clients to be confident in knowing that we’ve taken all the necessary steps to not only keep their data secure but also to only collect and hold what is required.
We appointed a Data Protection Officer (DPO) and formed a cross-functional team of data protection specialists to analyse and address the new requirements of GDPR. Among other tasks, this team helps with transparency, Privacy by Design, and conducting Data Protection Impact Assessments (DPIAs).
While we already use state-of-the-art servers in the UK for the storage of data, we implemented additional security controls to ensure we as data controllers meet the ‘accountability principles’ under the GDPR requirements.
We set up an official 72-hour breach response plan that adheres to GDPR, and have an internal audit program for all processes to ensure QX is always in compliance with the rules set forth by the regulation.
All senior-level staff have now undergone training to ensure they maintain a DPIA at the early stages of any project that involves personal data. We have also conducted awareness training at our Board level to ensure our leadership teams are well aware of QX’s obligations under GDPR.
As required by the ISO 27701 framework, we now offer all our accounting clients Data Protection Agreements (DPAs) with GDPR clauses as standard. This enables QX Accounting Services and its clients to comply with GDPR requirements. All our revised written contracts are based on the ICO (Information Commissioner’s Office) guidelines, which include these terms:
At QX we appreciate the importance of the General Data Protection Regulation (GDPR) and how it affects outsourcing. To ensure our compliance with the UK regulation, we took initiatives such as appointing a DPO and becoming compliant via the ISO 27701 framework. We also conduct awareness workshops about how to handle personal data so that everyone in the organisation speaks GDPR.
QX is proud to have Amit Simon take on the role of company Data Protection Officer (DPO).
A Data Protection Officer (DPO) is someone who can enable compliance and is accountable for overseeing a business’s data protection strategy and its implementation to establish compliance with the GDPR requirements. And that’s exactly what Amit Simon does at QX.