BCT Distributor News
Skip Ribbon Commands
Skip to main content
Sign In
{{'GLOBAL_MESSAGE_OR' | translate}}
{{'ELOQUA_BANNER_ACCEPT' | translate}}
{{'ELOQUA_BANNER_DECLINE' | translate}}

The ABCs of GDPR

​The ABCs of GDPR

The General Data Protection Regulation (GDPR) has been in effect for several months and no doubt you have received dozens of emails and web notices detailing what the companies you interact with are doing to comply. But do you know what GDPR is and its implications to our business?​

GDPR Basics

Briefly, GDPR was designed to protect European Union (EU) citizens from data and privacy breaches and to give individuals more control over their data. It provides new rules for obtaining consent to collect data, securing data and maintaining privacy. It applies to any company that holds or uses the personal data of any person residing in the EU—regardless of whether that company is based in the EU. Companies who do not comply are subject to penalties up to
4 percent of annual global turnover or EUR 20M (whichever is greater).


How Terumo BCT Is Responding to GDPR

Since last year, Terumo BCT has worked on the design and implementation of an appropriate data privacy program in compliance with GDPR requirements. Below is a summary of our efforts to date.

  • Data assessment and privacy risk reviews: We conducted an inventory of the data flows processed by Terumo BCT (such as human resources data, customer data and clinical data) and assessed the associated degree of risk to determine the appropriate technical and organizational safeguards.
  • Data register: We built a data register of all personal data processing activities and systems and will continue to update it as needed.
  • Public website privacy statement: We have updated our website Privacy Policy to explain how we protect visitors' privacy while interacting with our site. 
  • Data breach incidents: Data breach procedures will be published and shared soon. In the meantime, it is essential to notify the Privacy Office if you become aware of any data breach, such personal data being lost, stolen or hacked.  
  • Customer privacy: All our customer relationship management systems are private by design, and we provide an opt-in/opt-out tool for direct marketing. 
  • Cross-border data protection: We have an intracompany agreement to cover transfers of personal data to other Terumo BCT entities inside and outside the EU. 
  • Privacy shield: To facilitate and secure the processing of data received by our U.S. headquarters from our European affiliates, we are considering the EU/U.S. Privacy Shield self-certification. We will keep you informed on progress.
  • EMEA data privacy policy: We established privacy standards within our organization, and all EMEA associates have been trained on the importance of handling personal data with the utmost care.

We believe that raising awareness about the proper handling of personal data is the key to ensuring compliance. If you have any concerns or questions, send an email to privacy@terumobct.com.


You can also learn more about the regulation at U.K.'s Information Commissioners Office.​

{{'SEARCH_MODAL_TITLE' | translate }}
{{'SEARCH_MODAL_OR' | translate }}

{{'SEARCH_MODAL_BROWSE' | translate }}
{{$index+1}}. {{s.label}}