Close Icon
ClearView Icon
Man in suit selects icon of a padlock

How will GDPR impact your access control systems?

There needs to be an increased focus on data protection and data security to meet GDPR.

Industry News
How will GDPR impact your access control systems?

Your access control system collects, records and processes large amounts of personal data. Some of this may be critical and sensitive. For example, the cardholder’s (data subject’s) name, employee number, PIN code, photo ID and CCTV footage.

Access control systems also record cardholders’ movements.  From this data, you can monitor a person’s behaviour.  Cardholders are often unaware of the personal data captured by access control systems, how long it’s stored, whether it’s stored securely and where and to whom it’s been distributed.

Protecting the cardholders (data subject’s) personal data 

Access control systems are normally considered as securing a building. The protection of cardholders’ personal data is often overlooked – and can easily be violated. For example, a system administrator is often able to view the access control transactions of all cardholders. This right can be abused by browsing the information for non-security-related purposes. Under GDPR, this would be classed as a “data breach”.

In the new GDPR world, it’s important to consider the security of the cardholder – as well as the building.  A well designed system can achieve both.

How to ensure your access control is GDPR compliant

There needs to be an increased focus on data protection and data security to meet GDPR.  This should be considered from the design phase – particularly with respect to accessing, rectifying and erasing data.

The following aspects should be considered when deploying an access control system:

  1. Purpose for identifying cardholders
  2. Type of data – and who has access to it
  3. Method of data entry (manual or automatic)
  4. Storage location and retention period
  5. Sharing data with third parties

ClearView can support you ensuring that your access control system is GDPR compliant.  Visit us at IFSEC 2018 (Stand B556) at the Excel Centre, 19-21 June to discuss how we can help – and see our GDPR compliant access control, ANPR and visitor management systems in action.

Fully Accredited

Peace of mind through certification to the highest industry standards.


Over 25 years providing bespoke CCTV, Fire Protection & Access Control security solutions from our 2,000m² HQ in Essex.

Security Specialists

Complete fire & security service with rapid response 24/7, 365 days a year.

FPA Protection Association Member 2021