How does Merak address the new GDPR regulations?

24-05-2018 - in Merak newsletter

A retro television showing a Merak van

25 May 2018. That was the date when the new GDPR regulations were introduced. In order to be as prepared as possible, Merak asked for an external audit by Infosentry, specialising in information security and privacy. The conclusion? Merak was able to set up a mature privacy management system with minimal effort, fully in line with the existing information security management system.

GDPR in five points

GDPR is the successor to the guidelines that were approved in 1995, on which all European member states have based their national privacy legislation.

  • The GDPR guidelines state that data controllers and data processors must take technical and organisational measures to protect data from data breaches and hackers.
  • Companies must seek consent from data subjects in order to collect and use data.
  • The data that companies collect must have a purpose, and that purpose must also be clearly communicated. In other words, the declarations must be adapted in clear, comprehensible language.
  • Data breaches must be reported to the privacy committee within 72 hours.
  • Everyone has the right to ask companies what personal information they have and to delete that information.

Infosentry is part of Cronos Group, Belgium's largest IT consultancy company, with 25 consultants. It audits companies, makes assessments, organises implementation projects and helps companies obtain ISO certificates. “Merak asked us to carry out an independent external assessment,” says Cedric Brosens, Governance, Risk & Compliance Consultant at Infosentry. “They wanted to know where they stood, what GDPR meant to them and what were the pain points they had to overcome by 25 May.”

Archive manager of VRT

Opportunity

Brosens visited the Merak branches in Schelle, Mechelen and Vilvoorde, where Merak’s main activities take place. The entire organisation was thoroughly vetted, from HR and Marketing to Legal and the Scanning Department. Almost every service was discussed to get the widest possible picture of the GDPR applications at Merak. The audit took six days.

Brosens: “They were very intensive discussions with the person responsible for each department. What immediately struck me at Merak is how information security is embedded in the corporate culture. In addition, everyone was open-minded and saw GDPR not as a burden, but as an opportunity. In addition to being compliant, it was also a way for everyone at Merak to further improve their processes."

Concrete action plan

“I mainly explored the company’s GDPR maturity”, Brosens continues. “Merak is already ISO 9001 and 27001 certified, which is a great advantage. But the new regulations have specific requirements that Merak has not yet met. I mapped it and poured it into a report. Then I linked it to an action plan that Merak could work with. The recommendations were well received and the company immediately looked at how to complete them and integrate them into the existing processes. Most cases were quick wins and minor adjustments. It was a positive conclusion with a pragmatic action checklist, which could be implemented in a short time and efficiently with minimal effort in a privacy management system in line with the existing information security management system."

Archive boxes from Merak that are automatically taken to the right place

100 percent GDPR compliant?

According to Brosens, it's a utopia for companies to be 100% GDPR compliant. “There are too many nuances and uncertainties in the regulation. But Merak isn’t far off the mark and has taken the right steps to protect and safeguard customer privacy."

Employee transporting boxes on a trolley between storage racks

Need help with your request?

Advice & Frequently Asked Questions
Contact our experts

+32 (0)15 28 40 60

Monday to Friday, 8.30am-5.00pm

Klantendienst
Related messages
A close-up of a branch with two green leaves, one in the shape of a heart

March 2022 - in Merak newsletter

Green at heart, also in 2021
A close-up of wooden cubes spelling out GDPR with documents in the background

04-02-2020 - in BIS

BIS|Econocom and merak, a perfect match… thanks to unforeseen circumstances
Aisle between shelves filled with Merak archive boxes

23-08-2017 - in Merak

New on the market: Box@Home, the storage space that comes to you
Managing director Partena Professional

15-03-2018 - in Merak

Merak meets our needs to be perfectly compliant with our accreditations