Your Code of Conduct: Data Protection & Compliance for Charities

Presentation transcript:

1 Your Code of Conduct: Data Protection & Compliance for Charities (@CommCorp, @EasyInbox)
Steve Henderson, Compliance Officer, Communicator

2 EXPERTS IN EMAIL PERFORMANCE

3 INTRODUCTION…
- Recent data breaches, like TalkTalk and Sony
- £130,000 ICO fine for Pharmacy2U in October
- Over 4000 breaches in local councils in just 3 years
- Every major bank in the UK reporting data breaches
- Misuse of data, hitting the charity industry hard
- We need organisations to focus on data protection

4 Etherington Review and PACAC Report
- Failure of Trustees to fulfil their responsibilities
- “It would be a sad and inexcusable failure of charities to govern their own behaviour, should statutory regulation become necessary.”
- “I have made it clear that the sector has one last chance to prove that self regulation can work, but I am willing to step in and impose statutory regulation if necessary.” Rob Wilson, Minister For Civil Society, Jan 2016
- The good work done by most within the sector can be undermined very easily.
- Good governance in general is about sustainability of reputation in the long-term

5 Consumers, Organisations, Marketers, Regulators

6 Overview
- Consumers: Information; Choice; Control; Compensation
- Organisations: Fines and compensation; Enforcement; Data protection by design; Right to be forgotten
- Marketers: Smart use of data; Planning; Openness; Copywriting challenges; Scrutiny and influence
- Regulators: Greater powers; More resource; Less discretion; More consumer contact
Highlighted section: Consumers (Information; Choice; Control; Compensation)

7 GDPR - Changes for consumers
- Information: Clear and transparent information; Organisations’ use of data; Risks, rules, rights and safeguards
- Choice: Consent can’t be a condition of a service; Right to be forgotten; Choose not to have data stored or used; Ability to exercise control over their data
- Compensation: Understanding their rights; Easy access to compensation; Obtain full compensation from any controller or processor

8 EXAMPLE: Information to be provided at the point of data collection
- Identity of controller: Identity and contact details of the controller or controller's representative and the contact details of the data protection officer
- Purposes: Purposes of the processing and any related legal basis for that processing
- Legitimate interests: The legitimate interests pursued by the controller or by a third party
- 3rd parties: Any intended 3rd party recipients of the data must be named or be in defined categories of 3rd party recipients of the personal data
- Overseas transfer: Any intended data transfer to a third country or international organisation, the existence or absence of an adequacy decision, and the appropriate safeguards
- Storage duration: The timescales or criteria defining the period for which the data will be stored
- Data rights: The existence of the right to request access to, rectification or erasure of the data; to request restriction of processing; and the right to data portability
- Consent withdrawal: The right to withdraw any given consent
- Complaints procedure: The right to lodge a complaint with the supervisory authority (ICO, in the UK)
- Data necessity: The existence of any statutory or contractual necessity for the data
- Automated profiling: The existence and significance of any automated profiling or decision-making
“It should be transparent what data is collected and used, for what specific purposes, the existence and consequences of profiling, who is doing this processing, for what time periods and who will receive the data. The individual should be informed about Individuals should be made aware of risks, rules and safeguards.”

9 Overview grid (as on slide 6), with the Organisations section highlighted: Fines and compensation; Enforcement; Data protection by design; Right to be forgotten

10 GDPR - Changes for organisations
- Accountability: Data Protection Officer; Accountability for decision-makers
- Fines and compensation: Effective, proportionate and dissuasive; Up to €20 million or 4% of global revenue
- Enforcement: Greater supervisory powers; International enforcement cooperation
- Data protection by design: Data protection to become part of every set of software, website, data and process requirements
- Right to be forgotten: Anonymous purchases; Anonymous analytics; Data deletion

11 Overview grid (as on slide 6), with the Marketers section highlighted: Smart use of data; Planning; Openness; Copywriting challenges; Scrutiny and influence

12 GDPR - Changes for marketers
- Smart use of data: Privacy by design; Adequate, relevant and not excessive; Data limited to what is necessary; Deleted after used for stated purposes
- Planning: Information and choice obligations; Data adequacy requirements
- Openness: Clear and transparent information; Consent can’t be a condition of a service; Risk of fines if anything is hidden
- Copywriting challenges: Clear language requirements; Large amounts of information; Legal language; “creepy” processing
- Scrutiny and influence: Fines - Management and director liability; DPO; Risk of Trial by Media

15 Overview grid (as on slide 6), with the Regulators section highlighted: Greater powers; More resource; Less discretion; More consumer contact

16 GDPR - Changes for regulators
- Greater powers: Investigative; Corrective; Advisory
- More resource: Larger teams and more resource; Proactive; Work and progress in 2015 to continue
- Less discretion: Regulators held accountable for enforcing GDPR
- More consumer contact: Crowdsourced intelligence; More information, advice and publicity around rights and recourse

17 Recap
- Consumers: Information; Choice; Control; Compensation
- Organisations: Fines and compensation; Enforcement; Data protection by design; Right to be forgotten
- Marketers: Smart use of data; Planning; Openness; Copywriting challenges; Scrutiny and influence
- Regulators: Greater powers; More resource; Less discretion; More consumer contact

18 2016 – The Year of Your Personal Code of Conduct
- Decision makers: Be responsible; Be transparent; Be supportive
- Marketers: Take ownership; Make intelligent decisions; Be transparent; Set high expectations

19 THANK YOU. ANY QUESTIONS?
Download our free guides: www.communicatorcorp.com
Follow us: @CommCorp @EasyInbox

20 2 Old College Court, 29 Priory Street, Ware, Hertfordshire, SG12 0DE
For more information, contact us at: Your telephone no.; Your email address; Your website address
CHASE2016 Sponsors

