GDPR (General Data Protection Regulation) is an EU initiative started in May 2018 with implications for everyone who stores any information. Its main purpose is to make sure that there is transparency in what information is held and why so that people:
- can easily find out what we are storing of their personal information
- know the purpose for it
- can request their details be removed from our records if they desire
- It also ensures that those records are kept securely.
There is no restriction on contacting people by phone or post, just by email.
The information we store at CANA is the name, address, phone number and email of our supporters including people who have attended an event and agreed to receive CANA information, noting which of them do not want their details circulated to other CANA supporters. We also keep information of donations.
The purpose for which we store information is to send contributors our newsletter, to publicise events, to fund raise, and to raise awareness. The information kept concerning donations is to inform decisions we make regarding our budget and fund raising. We do not pass personal information on to other individuals or organisations.
We ensure that our digital records are secure. CANA files are backed up on the Cloud and protected by Avast Internet Security and Malwarebytes (www.malwarebytes.com). Any paper records that are not kept are shredded.
We are registered with the ICO (Information Commissioner’s Office) which is the regulatory body for GDPR (see certificate below)
If any of our supporters has any questions, or wants to request that their details are removed from our records, they can contact firstname.lastname@example.org