Difference between revisions of "GDPR"
(Created page with " The Hackspace is set up as a “Company Limited by Guarantee” and one of the legal requirements is for current and past members postal addresses to be stored for 10 years....") |
|||
| Line 1: | Line 1: | ||
| + | ==Why and What Data is Collected== | ||
| + | New members data is collected via a membership application form. | ||
The Hackspace is set up as a “Company Limited by Guarantee” and one of the legal requirements is for current and past members postal addresses to be stored for 10 years. | The Hackspace is set up as a “Company Limited by Guarantee” and one of the legal requirements is for current and past members postal addresses to be stored for 10 years. | ||
| + | For ease of operation the Hackspace communicates with members using email via mailchimp and the Slack Social media App. | ||
| + | All of the above is mandatory for the Hackspace to operate. | ||
| − | + | There is an optional field on the form for interests so that the Hackspace can put new members in contact with existing members having a similar interest. | |
| + | The Hackspace membership form allocates a membership number. | ||
| + | |||
| + | ==Data Processing == | ||
The GPDR states that data may not be processed unless there is at least one lawful basis to do so. There are two statements which apply to the Hackspace: | The GPDR states that data may not be processed unless there is at least one lawful basis to do so. There are two statements which apply to the Hackspace: | ||
| Line 19: | Line 26: | ||
This means that the Hackspace does not have to explicitly obtains members consent to store and process their information. ( However, the latest membership application form does have two tick boxes which inform the member that their information will be stored on a computer system and that they agree to receive occasional emails from the Hackspace.) | This means that the Hackspace does not have to explicitly obtains members consent to store and process their information. ( However, the latest membership application form does have two tick boxes which inform the member that their information will be stored on a computer system and that they agree to receive occasional emails from the Hackspace.) | ||
| − | |||
| − | |||
| − | |||
| − | |||
| Line 36: | Line 39: | ||
If you want to know how your data is stored , processed etc, then read on! | If you want to know how your data is stored , processed etc, then read on! | ||
| − | Where is my information stored? | + | ==Where is my information stored?== |
| − | |||
| − | |||
The original paper membership forms are stored in the Hackspace in a locked filing cabinet. | The original paper membership forms are stored in the Hackspace in a locked filing cabinet. | ||
| − | |||
| − | |||
Only directors and any member involved with the registration of new members have access to the filing cabinet. | Only directors and any member involved with the registration of new members have access to the filing cabinet. | ||
| − | + | All information captured on the application form is stored in HMIS. For the physical location of the HMIS server see later section. | |
| − | All information captured on the application form is stored in HMIS. | ||
| − | |||
HMIS is updated if any members information is changed, the original paper copies are not updated. | HMIS is updated if any members information is changed, the original paper copies are not updated. | ||
| − | |||
Email addresses, Given name, Surname and membership number are stored in Mailchimp for important communications to all members. | Email addresses, Given name, Surname and membership number are stored in Mailchimp for important communications to all members. | ||
| − | |||
Access to HMIS and Mailchimp is restricted to Directors and members of the IT team. | Access to HMIS and Mailchimp is restricted to Directors and members of the IT team. | ||
| − | Social Media | + | '''Social Media''' |
| − | |||
| Line 73: | Line 67: | ||
| − | Facebook, Meetups and Twitter are used to publicise events to the general public. Membership of these groups is optional and initiated by the Hackspace member. | + | '''Facebook''', '''Meetups''' and '''Twitter''' are used to publicise events to the general public. Membership of these groups is optional and initiated by the Hackspace member. |
| Line 85: | Line 79: | ||
Google Group was used in the early days of the Hackspace for member communication. Membership was voluntary. It has been suggested that this is closed down as it has been superseded by Slack . | Google Group was used in the early days of the Hackspace for member communication. Membership was voluntary. It has been suggested that this is closed down as it has been superseded by Slack . | ||
| − | Processing of Members Information | + | ==Processing of Members Information== |
| − | |||
| Line 92: | Line 85: | ||
On a monthly (more frequently if new members have joined) basis the membership secretary downloads the bank statement and imports it into HMIS. | On a monthly (more frequently if new members have joined) basis the membership secretary downloads the bank statement and imports it into HMIS. | ||
| − | |||
| Line 98: | Line 90: | ||
| + | New members then receive a welcome email from the Hackspace gmail account with instructions on how to gain access to the Hackspace, and an invitation to join Slack. Their name and email address is entered into mail chimp to receive emails from the Hackspace, e.g. calling notices for meetings. | ||
| − | + | ||
| + | Members who fail to pay will be contacted by the membership secretary. If they have left the Hackspace their status is set to former. | ||
| + | Former members will have their details deleted from HMIS after 10 years. | ||
| − | + | ==How can my data be deleted?== | |
| + | As stated above, postal address can only be deleted 10 years after a member has left the hackspace. | ||
| + | A former member will however be deleted from Slack and mailchimp. | ||
| + | ==Server Physical location== | ||
| + | some of the following is not for this section but needs documenting somewhere for new Directors | ||
| − | + | *how many? | |
| + | *HMIS? | ||
| + | *RFID access | ||
| + | *WIKI? | ||
| + | *website | ||
| + | *www.leicesterhackspace.org site, is this a google group? | ||
| + | *hackspaceleicester google group | ||
| + | *email exploder | ||
| + | *bank account | ||
| + | *paypal account | ||
| + | *mailchimp | ||
Revision as of 17:15, 24 May 2018
Contents
Why and What Data is Collected
New members data is collected via a membership application form.
The Hackspace is set up as a “Company Limited by Guarantee” and one of the legal requirements is for current and past members postal addresses to be stored for 10 years.
For ease of operation the Hackspace communicates with members using email via mailchimp and the Slack Social media App.
All of the above is mandatory for the Hackspace to operate.
There is an optional field on the form for interests so that the Hackspace can put new members in contact with existing members having a similar interest.
The Hackspace membership form allocates a membership number.
Data Processing
The GPDR states that data may not be processed unless there is at least one lawful basis to do so. There are two statements which apply to the Hackspace:
Processing is necessary for compliance with a legal obligation to which the controller (Hackspace) is subject.
- Retention of members postal address for 10 years
Processing is necessary for the purposes of the legitimate interests pursued by the controller. (Hackspace)
- Processing of payments and communication via email
This means that the Hackspace does not have to explicitly obtains members consent to store and process their information. ( However, the latest membership application form does have two tick boxes which inform the member that their information will be stored on a computer system and that they agree to receive occasional emails from the Hackspace.)
As a reminder, the Hackspace does not pass members email addresses onto any third parties .
Also, if you want to see a copy of your information stored in the Hackspace Management Information System (HMIS), email directors@leicesterhackspace.org.uk .
If you want to know how your data is stored , processed etc, then read on!
Where is my information stored?
The original paper membership forms are stored in the Hackspace in a locked filing cabinet.
Only directors and any member involved with the registration of new members have access to the filing cabinet.
All information captured on the application form is stored in HMIS. For the physical location of the HMIS server see later section.
HMIS is updated if any members information is changed, the original paper copies are not updated.
Email addresses, Given name, Surname and membership number are stored in Mailchimp for important communications to all members.
Access to HMIS and Mailchimp is restricted to Directors and members of the IT team.
Social Media
The Hackspace uses Slack for communications between members, new members email addresses are added to Slack and members invited to join. This is the preferred communication means between members on a regular basis. There are a number of channels which members can subscribe to, according to their interests. As a minimum it is recommended that members subscribe to
general - used for ad hoc communication events - used to inform members of internal and external events where help may be required. A specific channel may then be created for a particular event, e.g. creat-a-con Calendar - the Calendar on the website automatically posts to this channel
Facebook, Meetups and Twitter are used to publicise events to the general public. Membership of these groups is optional and initiated by the Hackspace member.
With their agreement event hosts may have their email address published on any of the above Social Media and the Hackspace website via the Google Calendar on the Diary page.
Members photographs may appear on the website if they have attended events where the Hackspace has participated.
Google Group was used in the early days of the Hackspace for member communication. Membership was voluntary. It has been suggested that this is closed down as it has been superseded by Slack .
Processing of Members Information
When an approved application form is received, all of the details are entered into HMIS.
On a monthly (more frequently if new members have joined) basis the membership secretary downloads the bank statement and imports it into HMIS.
HMIS processes the bank statement and flags payments from new members and members for which no payment has been received.
New members then receive a welcome email from the Hackspace gmail account with instructions on how to gain access to the Hackspace, and an invitation to join Slack. Their name and email address is entered into mail chimp to receive emails from the Hackspace, e.g. calling notices for meetings.
Members who fail to pay will be contacted by the membership secretary. If they have left the Hackspace their status is set to former.
Former members will have their details deleted from HMIS after 10 years.
How can my data be deleted?
As stated above, postal address can only be deleted 10 years after a member has left the hackspace. A former member will however be deleted from Slack and mailchimp.
Server Physical location
some of the following is not for this section but needs documenting somewhere for new Directors
- how many?
- HMIS?
- RFID access
- WIKI?
- website
- www.leicesterhackspace.org site, is this a google group?
- hackspaceleicester google group
- email exploder
- bank account
- paypal account
- mailchimp
