On May 25, 2018 the new European Union General Data Protection Regulations (GDPR) legislation comes into force. The GDPR imposes new rules on organizations who offer goods and services to people in the European Union (EU) or collect and analyse personal data of EU residents. It replaces the Data Protection Act (DPA) and places considerable regulatory compliance documentation requirements for any business that deals with EU personal data.
Compliance with the GDPR is mandatory when storing or processing personal data of any EU citizen no matter where in the world the data is stored and processed, and is also mandatory for any organization established in the EU. The GDPR is an attempt to standardize the protection of user rights and data in a consistent manner for all European Union citizens. The GDPR regulates, among other things, how individuals and organizations may obtain, use, store, eliminate and secure personal data.
At Spring Lighting Group (SLG), we have always taken data security and data privacy extremely seriously. Our goal has always been to provide our customers with the highest level of data security and to be accountable for any personal information held in our systems. As such we constantly review and reinforce our security practices.
However, our front end websites at springleds.com and slgus.com do not accept, record, store or in any manner collect end user information outside of the basic log information collected by all web servers. This amounts to the basic information provided by your web browser such as IP address, browser type, OS and similar information. This information is used to for determining if our websites are compliant with the most popular client platforms, determining if our users have encountered any errors when visiting our site, and other basic information regarding the performance of our website. No personally identifiable information is collected or distributed. In the near future we will offer a portal that allows our representatives to login and perform various tasks, but we have no plans of implementing any type of system that would require personal data from customers or visitors to our sites.
In addition to not collecting any personal data, SLG does not advertise, sell, distribute to or in any way do business with customers in the EU. Access to our website is not specifically blocked for EU residents, at this time. As such we will not be complying with the various requirements of the GDPR since our business is outside of the scope of the regulation. If and when SLG starts doing business with customers residing with the EU we will update our compliance information.