GDPR For The Voluntary Sector

What is today’s aim? “To discover what GDPR is, what it means for you as a volunteer, and how it will effect your organization”

GDPR – (General Data Protection Regulation) What is GDPR? GDPR – (General Data Protection Regulation) Fines of 4% global turnover 25th May 2018 Replaces the DPA Effects lifecycle of data

How will it effect your organisation? Data protection officers Audits of procedures/processes Collection of personal information Storage of personal information Access rights Sharing of personal data Email Company policies Access requests Disposal of data

How can we process data lawfully? Consent – Have they opted in. Contract – Processing is necessary for contractual obligations. Legal Obligation – Processing to comply with law. Vital Interests – Processing is necessary to protect life. Public Task – Performing a task in the public interest. Legitimate Interests – Processing is necessary for your legitimate interests, only if the individuals rights don’t supersede this.

Individuals rights The right to be informed. The right of access. The right to rectification. The right to erase. The right to restrict processing. The right to data portability. The right to object. Rights in relation to automated decision making and profiling.

What do volunteers have to consider? Things are going to change. Keep updated with policies. Collecting/storing/using personal information should be done in the correct manner. Security – passwords/encryption/physical. You have the same rights to your own personal data.

Thank you! Any Questions? https://ico.org.uk