ao link
My Account
Remember Login
New to Affino?
Remember Login
New to Affino?
Remember Login
New to Affino?
You are viewing 1 of 1 freely accessible monthly articles as an unregistered user

You will need to Register to read UNLIMITED articles. 

Already a Member?

Please Login or Register

Affino GDPR Client / Supplier Questionnaire

Frequently asked questions with answers for Affino’s GDPR compliancy.


Affino's GDPR Client Questionnaire

Your Affino GDPR Questions Answered

General Information

  • Company Name
    • Comrz Ltd trading as Affino
  • Questionnaire completed by
    • Markus Karlsson (CEO)
  • Date Completed
    • 25/5/2018


GDPR Awareness and Readiness

  • Is your organisation aware of the changes to data protection law under GDPR and how it will impact your business?
    • Yes, Affino have already made the relevant changes to our policies and procedures.
  • Have you undertaken formal gap analysis / an information audit against requirements under GDPR?
    • Yes
  • Have you initiated a project to achieve GDPR Compliance?
    • Yes
  • Do you expect to be compliant with GDPR by 25 May 2018?
    • Yes


Staff Involvement and Awareness

  • Have you appointed / will you appoint a Data Protection Officer?
    • Yes, Markus Karlsson (CEO)
  • Do you have a training program in place to ensure all relevant staff are aware of GDPR requirements prior to May 25 2018?
    • Yes


Data Governance

  • Have you created a record of your processing of personal data?
    • Yes
  • Please detail the personal data that your service or product collects, stores, processes or has access to.
    • Comrz Ltd trading as Affino processes and retains details within our CRM, including but not limited to, client name, company name, company contact details (address, email address and phone number/s), contact details (phone number/s and email address) of company personnel, and in some cases clients bank details (bank, sort code and account number).

    • Affino does not document or retain any credit card information.


Fair Processing and Privacy Notice

  • Do you intend to revise your Privacy Notice for GDPR?


Data Subject Rights

  • Do you have policies and procedures in place to comply with a data subject’s rights including their rights: to be informed; to access; to rectification; to erasure; to data portability; to object to direct marketing.
    • Yes


Data Transmission and Data Residency

  • Do you transfer personal data outside of the EEA?
    • No, no customer data is transited outside the EEA. Except where users have set up a public profile on a website which is then accessed internationally
  • If so, what steps have you taken to ensure GDPR Compliance?
    • N/A
  • Do you have a documented process for storing data and retaining it in line with GDPR requirements?
    • Yes. All data is stored on our secure servers, and protected with advanced security procedures and an array of defensive measures.
  • Has your organisation considered the GDPR Data Minimisation principle and reflected this in your relevant data retention policies?
    • Yes. Data held within our CRM database will be “flushed” automatically with data being deleted in as little as 4 months (starting in June 2018), and at a maximum of 6 years.
  • Do you encrypt personal data when you transfer it to 3rd parties?
    • Messages from our CRM are not routinely encrypted. Personal data is always encrypted when transmitted, and we only when send un-encryted personal data when requested to do so in writing.
  • Please describe how data that is transmitted is protected.
    • Encrypted


Data Breach

  • Have you documented your data breach notification procedures to meet GDPR requirements, and have all relevant staff been given adequate training in this?
    • Yes. A copy is available on-line here
  • Have you had any data breaches or large-scale data losses in the last 12 months?
    • No



Markus Karlsson Profile

Markus Karlsson, CEO | Founder, Affino

20 years of digital business experience with: Audi, BBC, Casio, Diesel, EMI, MasterCard, Rovio, UBM, UMG, and now Gill, Procurement Leaders, Briefing Media, Ocean Media, and IDG. Lead consultant for digital business transformation.




or Call +44 (0)20 3393 3240

Add New Comment
You must be logged in to comment.

Did you find this content useful?

Thank you for your input

Thank you for your feedback

Upcoming and Former Events

The PPA Awards 2021

The PPA Awards 2021

PPA Leadership Summit 2021

PPA Leadership Summit 2021

Affino Contacts

Markus Karlsson

Markus Karlsson

Quang Luong

Quang Luong

Stefan Karlsson

Stefan Karlsson

Driving business at some of the world's most forward thinking companies

Our Chosen Charity

Humanity Direct

And delivering industry leading awards

2016 British Media Awards - Technology Provide of the Year - Silver
2014 PPA Connect Awards - Procurement Leaders awarded Event Brand of the Year
2014 PPA Digital Publishing Awards - Procurement Leaders awarded Business Media Digital Brand of the Year (Again!)
2014 PPA Awards - Procurement Leaders awarded Business Media Brand of the Year (Again!)
2014 AOP Digital Publishing Awards - Procurement Leaders awarded Best Business to Business Website
2013 PPA Awards - Procurement Leaders awarded Independent Publisher Digital Product of the Year
2013 PPA Awards - Procurement Leaders awarded Business Media Brand of the Year
2013 PPA Digital Publishing Awards - Procurement Leaders awarded Business Media Digital Brand of the Year