GDPR - General Data Protection Regulation for the EU
The EU is bringing in new privacy regulation on May 25 – the GDPR (General Data Protection Regulation). These laws pertain to EU citizens and any organizations that collect or process data on EU citizens. If your membership database includes EU citizens, you will want to understand the GDPR, how it affects you, and what your obligations as a data controller are.
Even in cases where you have collected personal data with proper consent, the GDPR makes it clear that people can withdraw their consent, and you have to respect their wishes in that regard. The GDPR even allows them to request that you delete their personal data – this is called their right to be forgotten. If you receive such a request, you should know how to find their data records and either:
- delete the records entirely
- if you cannot delete the records, blank the personal data fields
- if you cannot blank the fields (for example, if it is a required field), then anonymize the data (change it to something that is no longer personally identifying)
Note that when removing data in this way, it is important to distinguish between their personal data, and your organization’s business records. You do not need to eliminate all traces of their existence, only the personal data that you do not require to do your own work. For example, if the individual made a purchase from you, the records of that purchase are your business records, and it is reasonable to keep them on file for your own accounting. But if you are tracking personal information like photographs, birthdates, or education history, and those data are not pertinent to your organization's ongoing work, then that data should be removed on request.
Individuals have a right to know what information you collect about them. If the person is a current member or guest on your system, they may already be able to access their profile, which shows most of the data that is collected. If they have been archived or do not otherwise have a login, and they request a copy of the data you have on file about them, you should:
- verify that you are releasing the data to the person in question (sending it to an address that you already have on file for them is a reasonable approach)
- use your Report Builder for Members to build a custom report for just that member. Select as many fields to display as are likely to be relevant, and add a single condition to select information only where member_id = that member’s ID.
- export the results of that report, and send it to the person
- you can also go to the Payments module, pull up their account history, and email their account statement, so they can see their purchase history with the organization.
As noted above, they can request that you delete personal profile data, but their purchase history is part of your accounting records, and you can retain that information if you wish. Contact information is in a grey area. Collecting billing contact information from your customers is a reasonable and normal part of doing business. But not all of that contact information necessarily needs to be retained, and you may also have additional non-billing contact records that are not really part of their purchase history. So it may nonetheless be necessary to clean out contact information that is not needed for the purposes of archiving your sales history.