3. Target Ink Ltd needs to be satisfied that you have appropriate cybersecurity certifications in place.Provide details of your organisation's technical and organisational measures which ensure that any personal data you hold is kept in accordance with the requirements under GDPR. Please include any Information Security certifications and Registrations you hold, for example:• ISO27001• Cyber Essentials• Cyber Essentials Plus
4. Is data protection training provided to staff?
5. Do you have data protection and related policies and procedures in place? (e.g. data breach management, data retention, subject access request, data security, cyber security).
6. In the last 3 years, have there been any breaches of your data protection policy (or anyrelated policies)?
7. In the last 12 months have you received any complaints from data subjects in respect of your treatment of their personal data?
8. In the last 12 months have you been subject to any action from the ICO?
9. Are all staff, agents and key subcontractors used to delivering similar contracts subject toobligations of confidentiality which comply with GDPR?
10. Will all of the personal data you are processing on our behalf be kept within the EU/EEA?