An annual data security audit was performed in Edrana Baltic in accordance with the GDPR (General Data Protection Regulation). Part of our internal policy provisions related to the GDPR are also provided in the Code of Business Ethics approved in the company.
The General Data Protection Regulation establishes the principle of accountability of the controller which means that the controller (processor) is responsible for ensuring and being able to prove that the provisions of this Regulation are complied with. The principle of accountability is the cornerstone of the General Data Protection Regulation (GDPR). According to the GDPR, the company or organization is responsible for ensuring compliance with all the data protection principles and must be able to prove such compliance. The Data Security Policy of Edrana Baltic has been universally accepted and approved as proof of such compliance.