Re: Travel Sponsorship Delays and Next Steps
- From: Neil McGovern <neil gnome org>
- To: foundation-list gnome org
- Subject: Re: Travel Sponsorship Delays and Next Steps
- Date: Wed, 13 Jun 2018 12:38:01 +0100
On Fri, 2018-06-08 at 11:17 +0200, Didier Roche wrote:
Le 08/06/2018 à 10:06, Tobias Mueller a écrit :
Hi,
Hey Tobias,
On Fri, 2018-06-08 at 08:07 +0200, Didier Roche wrote:
Neil and the Travel Committee are working hard in changing the
current
process of handling requests to comply to GDPR.
I applaud the efforts, but what makes you think you fall under the
regulations of the GDPR?
I believe to have some intermediary level knowledge of the GDPR and
how
to assess whether anything is in need of compliance and I'd be
interested in learning why you think the Foundation needs to
comply.
This was initially raised by the Travel Committee itself.
After a deeper look by Neil who has worked on this topic on other
areas
for the GNOME Foundation, there is an agreement that some process
changes were needed to comply. I'll let him expand on this (probably
once the work for getting things in shape and unblock the current
situation is done).
We're processing personal data of individuals who are located in the
EU, so we need to comply. What we don't need is a named Data Protection
Officer (we have less than 250 employees).
What we were missing was:
* a privacy notice saying what we collect, what we do with it, and what
legal basis we have for collecting it (which is now in place!)
* An easy way to ensure that requests, for the travel committee, can be
deleted when there's no requirement to keep it anymore (we're now using
RT rather than an email list)
* a confidentiality agreement for those who process personal data (now
in place, but not technically a GDPR requirement)
Happy to answer any more questions,
Neil
--
Neil McGovern
Executive Director, The GNOME Foundation
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]