The General Data Protection Regulation Compliance 2018 - (GDPR)
Is your Association or NGO ready for EU's General Data Protection Regulation?
Privacy is important and it matters. That is why we are the open source AMS. Hopefully you share these values as well. No smoke and mirrors.
From the GDPR site:
Organizations that collect data on citizens in European Union (EU) countries, will need to comply with the major law update to data protection which comes into force on May 25, 2018. The new rules apply across the EU including the UK – regardless of your companie's location –both data controllers and data processors (meaning 'clouds') will not be exempt from GDPR enforcement.
Purpose: The new regulation gives individuals more rights over their data and demands greater accountability and transparency from organisations on how they collect, process and store private information. Under GDPR, all companie's, including charities - have to explain clearly why they are collecting personal data, how it will be used, and if it will be made available to third parties. Which is why all organizations must have a comprehensive and effective privacy compliance framework to develop hard evidence to support their compliance claims.
Penalties: Under the GDPR - your organization (as a maximum fine that can be emposed for the most serious cases) could face a fined up to €20 million, or 4% of annual global turnover, which ever is greater.
Contact your attorney and your web staff to be sure they are acting in compliance! More links are available on our helpfile on GDPR for associations.