[Board] GPDR
Guido Stein
guido at guidostein.com
Tue Jul 17 11:03:13 PDT 2018
Just wondering, is this something that the Board has a lawyer looking into
for us? Also this... https://opensource.com/article/18/4/gdpr-impact
-Guido
On Tue, Jul 17, 2018 at 1:46 PM Steven Feldman <shfeldman at gmail.com> wrote:
> I think they are compliant - you actively sign up to the lists that you
> want to subscribe and you have an option to unsubscribe or delete your
> account completely.
>
> We will need to check whether deleting an account removes the email
> address etc. My view fwiw is that we have no obligation to purge archived
> emails but I think that should be made clear in our privacy policy - which
> we need to write!
>
> Do you fancy getting involved to help get this done?
> ______
>
> Steven
>
>
> On 16 Jul 2018, at 10:39, Ben Caradoc-Davies <ben at transient.nz> wrote:
>
> What about email archives? They are not self-service.
>
> Do we have an obligation to purge archived emails or correct names or
> email addresses in archives on requests?
>
> Do we have an obligation to report all personal information held by OSGeo
> on request? Should OSGeo have a procedure for handling such requests?
>
> Kind regards,
> Ben.
>
> On 16/07/18 18:00, Jody Garnett wrote:
>
> Advice would be very much appreciated.
> My own preference is to be clear that OSGeo is largely self-serve, and if
> we document steps to sign up for something we also document the steps to
> un-sign up for something.
> I think OSGeo has one mail chimp account used by marketing and geoforall -
> but it am not sure how heavily it is used?
> --
> Jody Garnett
> On Sat, 14 Jul 2018 at 10:16, stevenfeldman <shfeldman at gmail.com> wrote:
>
> Jody
>
> I think the Board needs to take a more proactive approach to GDPR. This is
> quite significant legislation and we should ensure that we have taken
> "reasonable steps" to audit our personal data holdings and ensure we have
> compliant processes.
>
> The UK Information Commissioner's Office has a good intro to GDPR at
>
>
> https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
> and a simple checklist tool at
>
>
> https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/
> (each EU country will have similar info but this is in English)
>
> MailChimp has good tools for getting mail-list approval and providing
> unsubscribe options. Do we have an OSGeo account or is usage less formal
> across the regions?
>
> I'm sure several of our EU members have already worked through GDPR with
> their organisations and could provide advice
>
> Cheers
>
> Steven
>
>
>
> --
> Sent from: http://osgeo-org.1560.x6.nabble.com/OSGeo-Board-f3713809.html
> _______________________________________________
> Board mailing list
> Board at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/board
>
> _______________________________________________
> Board mailing list
> Board at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/board
>
>
> --
> Ben Caradoc-Davies <ben at transient.nz>
> Director
> Transient Software Limited <https://transient.nz/>
> New Zealand
>
>
> _______________________________________________
> Board mailing list
> Board at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/board/attachments/20180717/7fafbd7a/attachment.htm>
More information about the Board
mailing list