Personal data protection is a topic that any business has to face nowadays. The new rules introduced by the GDPR apply also to translation agencies. The implementation of a personal data protection policy to be followed by translators is absolutely mandatory and must be carried out in accordance with the applicable rules.
Of course, the whole process depends on the scale of a translation agency’s business and whether its translators work as freelancers only or also in house. A freelance translator cooperating with a translation agency, especially when he or she also employs other translators, should ensure that its business is compliant with the GDPR.
The GDPR and translators – where to start?
You should first check what measures have been taken so far as regards personal data security in your translation agency – this is absolutely a must. The best idea is to turn to a law firm or specialists trained in this area, that will help you implement the new regulation.
Verification of the existing data protection policy is the most important issue. You should verify whether your translation agency keeps separate personal data collections. This is very important in this type of business, as personal data is processed in this case on several levels.
Personal data protection in a translation agency
A translation agency or a translator, in particular a sworn one, must assure compliance with provisions regarding personal data protection, as there are several aspects of data processing in this business that require implementation of relevant procedures.
Marketing and a translation agency
Data protection in the translation industry is an extremely complex issue. Data relating to marketing operations, including gathering statistical data, can be processed in this business. Such operations are usually performed online and include:
- publication of a newsletter sent to customers that have subscribed for it,
- online quotation,
- placing orders online,
- using a form for contacts with the staff of the translation agency.
Personal data protection in a translation agency – certified translations
Sworn translators have always been obliged to keep Sworn Translator’s Records, audited by the Committee on the Professional Responsibility of Sworn Translators (KOZ) at the Ministry of Justice. This makes customers that entrust sworn translators with their most sensitive data confident that this data is stored and processed in a secure manner, controlled by state institutions.
In no case may such data be disclosed to third parties, except for certain authorized entities, for example Voivodship Offices, which may request to inspect the Translator’s Records. As for sworn translators, the implementation of the GDPR requires updating all procedures and verifying their course by qualified specialists.
The GDPR and the business of a translation agency
Personal data may include also other materials that are not intended to be rendered by a sworn translator. Each order received by a professional translation agency passes through a correspondence system or a website, to finally find its way into CAT software. Data storage in IT systems is a procedure that needs to be properly checked and secured.
All employees that deal with personal data should be trained in accordance with the latest General Date Protection Regulation. It should also be checked whether IT systems used in a translation agency and by translators cooperating with it have sufficient safeguards. If a translation agency renders translation services in cooperation with other companies, it is necessary to conclude with them agreements on entrusting personal data.