Helping you to be GDPR compliant

Similar documents
PS Mailing Services Ltd Data Protection Policy May 2018

Data Protection policy

This article will explain how your club can lawfully process personal data and show steps you can take to ensure that your club is GDPR compliant.

Martijn Loderus. Merritt Maxim. Principal Analyst Forrester. Director & Global Practice Partner for Advisory Consulting Janrain

To help customers achieve GDPR compliance, Freshchat has introduced the following new features:

EU General Data Protection Regulation A Compliance Guide

Data Protection Policy

Eight Minute Expert GDPR

The types of personal information we collect and hold

Site Builder Privacy and Data Protection Policy

Accelerate GDPR compliance with the Microsoft Cloud

GDPR- the new General Data Protection Regulations. Staff PDM- 2 nd May 2018

center Guide to GDPR

OBTAINING CONSENT IN PREPARATION FOR GDPR

Arkadin Data protection & privacy white paper. Version May 2018

Requirements for a Managed System

WE ARE COMMITTED TO PROTECTING YOUR PERSONAL DATA

Website Privacy Policy

ARE YOU READY FOR GDPR?

Our agenda. The basics

GDPR: A technical perspective from Arkivum

Project Better Energy Limited s registered office is Witan Gate House, Witan Gate West, Milton Keynes, Buckinghamshire, MK9 1SH

The Apple Store, Coombe Lodge, Blagdon BS40 7RG,

ZIMBRA & THE IMPACT OF GDPR

2. The Information we collect and how we use it: Individuals and Organisations: We collect and process personal data from individuals and organisation

Data Protection policy (GDPR)

Pathways CIC Privacy Policy. Date Issued: May Date to be Reviewed: May Issued by Yvonne Clarke

GRAHAM JONES - PRIVACY POLICY

NHS R&D Forum Privacy Policy: FINAL v0.1 May 25 th 2018

Privacy Policy: North East Contemporary Arts Network (NECVAN)

Forms. GDPR for Zoho Forms

What kind of information do you collect, when and how?

MAID2CLEAN (FRANCHISE) LIMITED

PRIVACY NOTICE: UK NARIC ANNUAL CONFERENCE

Data Protection Policy

THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE

Privacy Policy 1.0 OUR CORE BELIEFS REGARDING USER PRIVACY AND DATA PROTECTION

DATA PROTECTION POLICY. Introduction:

Data protection is important to us

Privacy Statement Tai Ceredigion Cyf Site Privacy Statement

Data protection declaration

Website Privacy Notice

Version 1/2018. GDPR Processor Security Controls

TaxiMe Privacy Policy for Passengers

General Data Protection Regulation (GDPR) - A CANDDi perspective

Eight Minute Expert GDPR. Login. Password

Privacy Notice for Customers

Kohelet Policy Forum R.A. Site Legal Terms. What personal data we collect and why we collect it. Comments. Media. Contact forms and newsletter

Toucan Telemarketing Ltd.

GDPR AND WHAT IT MEANS FOR CRM AND CUSTOMER ENGAGEMENT MAY. A 7-step practical guide to achieving and maintaining GDPR compliance by 25 May 2018

Maitri Studio GDPR Compliance Policy

How will GDPR legislation affect B2C digital marketing?

Conjure Network LLC Privacy Policy

Just-Property Ltd GDPR Client Data Register

Website Privacy Statement

Spectrum Wellness Privacy Statement

Data Warehouse Risk Assessment (GDPR)

Data Protection Policy - Sustainable Hackney

ngenius Products in a GDPR Compliant Environment

Data Protection and GDPR

Spring Mobile Mini UK Ltd. Privacy Policy Spring 2018

GDPR Workflow White Paper

Lead Forensics Software Data Compliance Policy

THE GDPR PCLOUD'S ROAD TO FULL COMPLIANCE

TIA. Privacy Policy and Cookie Policy 5/25/18

Data Protection Policy

General Data Protection Regulation

ATHLETICS WORLD CUP PRIVACY NOTICE

MOBILE.NET PRIVACY POLICY

SHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT

Privacy Statement. Your privacy and trust are important to us and this Privacy Statement ( Statement ) provides important information

Privacy Policy. You may exercise your rights by sending a registered mail to the Privacy Data Controller.

PRIVACY POLICY. 1. Introduction

GDPR Policy WECare Worldwide

Frequently Asked Questions

ACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION

Eco Web Hosting Security and Data Processing Agreement

Data Subject Access Request Procedure. Page 1 KubeNet Data Subject Access Request Procedure KN-SOP

General Data Protection Regulation (GDPR)

Tucows Guide to the GDPR. March 2018

The isalon GDPR Guide Helping you understand and prepare for the legislation

PRIVACY POLICY. We will use the information that we collect about you in accordance with:

This guide is for informational purposes only. Please do not treat it as a substitute of a professional legal

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

ID. Category of personal data Source of the data

You can find a brief summary of this Privacy Policy in the chart below.

About Us. Privacy Policy v1.3 Released 11/08/2017

GRANDSTREAM PRIVACY STATEMENT

Data Protection Impact Assessment (DPIA) Last Updated: 21 June, 2018

Membership Privacy Notice. 31 August 2018

Under the GDPR, you have the following rights, which we will always work to uphold:

GENERAL DATA PROTECTION REGULATION (GDPR)

COMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September Table of Contents. 1. Scope, Purpose and Application to Employees 2

KantanMT.com. Security & Infra-Structure Overview

Prohire Software Systems Limited ("Prohire")

DATA PRIVACY & PROTECTION POLICY POLICY INFORMATION WE COLLECT AND RECEIVE. Quality Management System

Privacy and Data Protection Policy

EXAM PREPARATION GUIDE

GDPR Whitepaper for Compliance with the Diocese of Olympia

Google Cloud & the General Data Protection Regulation (GDPR)

Transcription:

Helping you to be GDPR compliant Helping you to be GDPR compliant 01 Privacy Compliance Dashboard Your campaign Privacy Compliance Dashboard is a transparent view where you identify the contact information for both your Controller and Protection Officer. Within this dashboard, you can map the individual personal data fields with the legitimate, lawful purpose for processing that information, in compliance with Article 13 section 2. 02 Subject Access Requests Under the new regulation, individuals have the right to see what information you hold about that person. In response to a Subject Access Request, you can share all personal information that you hold about that individual by viewing that persons data record on the People Page. Individuals have the right to have their data updated or removed, which you can do through editing or deleting that person s record, again from the People Page.

03 breaches breaches will happen over time and it is important to be ready to deal with them. Leader provides activity logs for team activity as well as a data export history. The majority of data breaches occur when passwords are broken or stolen. Leader gives you the ability to change passwords regularly and to build password best-practice into your team training. In this way you will avoid the most likely route to a data breach. Our mobile phone signup process with authentication code is a very secure onboarding system. In the event of a data breach you can request to see the login credentials that might be connected to the breach. 04 Obtaining Consent The new e-signature consent feature is available through the Ecanvasser apps. You can capture a person s consent along with their e-signature as evidence of consent should you need to contact a person in the future for a specific purpose. There are, of course, Unsubscribe functionality built into email contacts and No Contact status option in the main database. The consent statement needs to be a clear and unambiguous message, which provides individuals with 4 options of consent: 1. To be contacted regarding ongoing issue(s) which the individual has reported 2. To receive updates regarding this campaign for the duration of the campaign 3. To receive news updates regarding this candidate 4. To receive information regarding volunteer events *Custom options are available

05 Field Canvassing Face-to-face canvassing can be done in the community to capture non-personally identifiable data on voters. Anonymised data from this canvassing work is displayed in raw and aggregated form. Field canvassing also allows for consent to be captured and subsequently personally identifiable data such as email, name, address and social media handles. 06 Email When you are using individual email or email marketing functionality on Leader you will need certain functionality to comply with GDPR legislation. Leader provides advanced database filtering capabilities on the range of data points that you hold on voters. You also have filtering based on the consent settings you have collected from people. All emails can contain unsubscribe functionality so that individuals can opt-out of future contact. Email statistics and open rates are included in email analytics. DATABASE COMPLIANCE TERMINATION Secure base Minimization Permission Levels Breach Reportline Deletion Auto Log- Out Anonymised in DB Consent to Contact Settings Unscribe + No Contact Export Functionality Encrypted EU Server Activity Logs/ Timestamps E-signature Capability Privacy Dashboard Subject Access Requests

07 Deletion deletion is a necessary part of database management and we have permanent deletion functionality for all data points in Leader. Retention settings at the backend will hold deleted data for a period of one month as a backup. Your data retention policy is a key document in your GDPR compliance so the protocols you have identified there can easily be built into team training on the system. 08 Permission levels Permission levels are assigned to all new team members and can be changed at any time by a senior member of the team. Permission levels control access to database and the functionality of the product. Controlling the number of people with full access to your database is a key ability in managing your data protection. 09 Minimization With GDPR, you need to ensure the personal data that you capture is adequate, relevant and limited. You need to ensure that you are only storing the minimum amount of data required for your purpose, this is Minimization. We recommend that you review all your Custom Fields, and remove any fields that do not meet this requirement.

10 Storage Limitations All of your campaign data is securely stored in an encrypted cloud-based database for the duration of your contract. You can remove any information which you no longer require including people, houses and imported files by deleting these from the dashboard. This will be removed instantly from the dashboard and app, and permanently removed from the database within 30 days. Obtaining Consent 1. Centralised and secure database 2. encryption and EU based servers 3. E-signature capability 4. Activity logs and timestamps 5. Permission levels for team members 6. deletion and data retention settings 7. Unsubscribe and no contact functionality 8. Subject access request data-extraction 9. breach reporting functionality 10. Consent to contact settings 11. Ability to collect anonymised data 12. Privacy dashboard to identify legal basis for each data point collected 13. Ability to minimize data quickly

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback