[Board] GPDR

Steven Feldman shfeldman at gmail.com
Tue Jul 17 10:46:06 PDT 2018


I think they are compliant - you actively sign up to the lists that you want to subscribe and you have an option to unsubscribe or delete your account completely. 

We will need to check whether deleting an account removes the email address etc. My view fwiw is that we have no obligation to purge archived emails but I think that should be made clear in our privacy policy - which we need to write!

Do you fancy getting involved to help get this done?
______
Steven


> On 16 Jul 2018, at 10:39, Ben Caradoc-Davies <ben at transient.nz> wrote:
> 
> What about email archives? They are not self-service.
> 
> Do we have an obligation to purge archived emails or correct names or email addresses in archives on requests?
> 
> Do we have an obligation to report all personal information held by OSGeo on request? Should OSGeo have a procedure for handling such requests?
> 
> Kind regards,
> Ben.
> 
> On 16/07/18 18:00, Jody Garnett wrote:
>> Advice would be very much appreciated.
>> My own preference is to be clear that OSGeo is largely self-serve, and if
>> we document steps to sign up for something we also document the steps to
>> un-sign up for something.
>> I think OSGeo has one mail chimp account used by marketing and geoforall -
>> but it am not sure how heavily it is used?
>> --
>> Jody Garnett
>> On Sat, 14 Jul 2018 at 10:16, stevenfeldman <shfeldman at gmail.com> wrote:
>>> Jody
>>> 
>>> I think the Board needs to take a more proactive approach to GDPR. This is
>>> quite significant legislation and we should ensure that we have taken
>>> "reasonable steps" to audit our personal data holdings and ensure we have
>>> compliant processes.
>>> 
>>> The UK Information Commissioner's Office has a good intro to GDPR at
>>> 
>>> https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
>>> and a simple checklist tool at
>>> 
>>> https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/
>>> (each EU country will have similar info but this is in English)
>>> 
>>> MailChimp has good tools for getting mail-list approval and providing
>>> unsubscribe options. Do we have an OSGeo account or is usage less formal
>>> across the regions?
>>> 
>>> I'm sure several of our EU members have already worked through GDPR with
>>> their organisations and could provide advice
>>> 
>>> Cheers
>>> 
>>> Steven
>>> 
>>> 
>>> 
>>> --
>>> Sent from: http://osgeo-org.1560.x6.nabble.com/OSGeo-Board-f3713809.html
>>> _______________________________________________
>>> Board mailing list
>>> Board at lists.osgeo.org
>>> https://lists.osgeo.org/mailman/listinfo/board
>> _______________________________________________
>> Board mailing list
>> Board at lists.osgeo.org
>> https://lists.osgeo.org/mailman/listinfo/board
> 
> -- 
> Ben Caradoc-Davies <ben at transient.nz>
> Director
> Transient Software Limited <https://transient.nz/>
> New Zealand

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/board/attachments/20180717/4a4acf1e/attachment.htm>


More information about the Board mailing list