General Data Protection Regulation (GDPR) ASSA ABLOY strives to conduct its business globally and in all its divisions in accordance with applicable data protection legislation. The General Data Protection Regulation (GDPR) of the European Union requires us to act fairly, responsibly and transparently when processing personal data. ASSA ABLOY has a focused, structural and systemic approach to data protection and personal privacy. Our global ASSA ABLOY Data Protection Compliance Programme is designed to protect the integrity of the personal data of our employees, customers and partners worldwide. ASSA ABLOY has dedicated resources within the Group that continuously address worldwide compliance with data protection regulations, including the GDPR. We ensure the security of personal data by employing processes and arrangements that operate in accordance with recognised security standards. In instances where the rights of individuals are compromised, we conduct an impact assessment in accordance with our standard procedure. We are aware that privacy legislation is constantly evolving. ASSA ABLOY has invested significant resources in increasing compliance of its privacy programme with data protection legislation and has introduced training in this respect. We continuously monitor privacy developments to ensure that our guidelines, processes and procedures are relevant and appropriate. We are committed to ensuring good data governance and to justifying the trust of all stakeholders in our responsible long-term management of their data and data security. To learn more about the General Data Protection Regulation, please see the official statements of the European Union on the General Data Protection Regulation (GDPR).