Change2IT GDPR Compliance Statement

In this segment you can learn about the details of’s data handling. Change2IT program is created by People Come First Association, so we will show you the GDPR complience of PCF below.

The EU General Data Protection Regulation ('GDPR') is a big step by the European Union to meet requirements of the digital age. GDPR imposes new obligations on organisations that control or process relevant personal data and introduces new rights and protections for EU data subjects.

We want to share with you here briefly how People Come First ensures compliance with GDPR.

GDPR Compliance

Our preparation and objectives for GDPR compliance have been summarised in this statement and includes the development of existing and implementation of new policies, procedures, controls and measures to ensure ongoing compliance.

Our internal Information Security and Data Protection staff have worked to ensure that we meet the requirements of GDPR across our business.

PCF will comply with GDPR as a processor and controller of data, depending on the area and engagement. This has mandated working with our suppliers and partner organisations to ensure that they can also meet these obligations.

Our preparation includes:

  • Data Audit – we understand the data, how any why we process it, retention, and where required, DPIA

  • Lawful Basis for Processing – reviewed activities and confirmed the lawful basis

  • Information Security – confirm our technical and organisational controls are appropriate

  • Cookies and Privacy Notices– we have reviewed and updated our polices

  • Data Subjects Rights – we have reviewed our processes to ensure that the data subject’s rights are preserved including consent, subject access requests, right of erasure and correction

  • Data Breaches – our incident management procedures have been enhanced to ensure we meet the reporting requirements

  • Supplier Assessment – continue the process of supplier evaluation to confirm contractual and legal requirements are in place


If you have any questions surrounding PCF’s GDPR compliance, please contact us via email at

For the full, detailed Privacy Note click here.