On May 25th, 2018, the GDPR (General Data Protection Regulation) enters into force. Although it is easy to adapt to the fulfillment of the new legislation and there has been time to do it, the issue is complex and it is recommended to leave it in the hands of the experts, especially considering that the system of sanctions is important.
European regulation is well explained at Official Journal of the European Union.
Thinking about the organizations of the iWith.org network that do a normal collection and management of personal data, we offer this step by step:
1- Facilita_RGPD
Most of the associations can be adapted very easily using the AGPD program http://www.servicios.agpd.es/Facilita, following the simple instructions and signing the generated documents.
2- Document management
The program generates the documents to be sent to the different parties concerned and the texts to be added at the bottom of the forms.
3- Cookies
Regarding the website, it is necessary to ensure that the standard cookie consent message is configured. More information: http://www.abcore.org/news/es_ES/2017/01/31/0001/el-snippet-de-cookies-actualizado-a-la-ultima-version
4- Analytics
If iWith.org has access to Google Analytics, we already take care of anonymizing the IP.
Otherwise, we suggest that you provide us with editor access, which will allow us to link Adwords with Analytics and the Search Console with Analytics.
You can also turn on the IP Anonymization feature in Google Analytics. More information:
https://privacy.google.com/businesses/compliance/
http://www.blastam.com/blog/5-actionable-steps-gdpr-compliance-google-analytics
5- Consent
For the sending of bulletins and mass mailings, it is necessary to have the express consent of the persons to whom they are addressed.
From iWith.org, in addition to adapting like any other entity, we accompany the organizations of whom we take care of managing the web, newsletters, mass mailing and email accounts. With the Internet service platform Abcore Cadí we include tools that facilitate the fulfillment of the GDPR. The management of Abcore Cadí newsletters allows to fulfill GDPR since a long time ago.
To handle the express authorization of subscribers to newsletters and mass emails Abcore Cadí has two tools:
1- The "Manage Subscribers" complies with the requirements of the GDPR because it manages subscriptions and cancelations to newsletters and it keeps the date on which the person subscribed. If your organization has successfully managed the subscription to newsletters and people have subscribed to the newsletters through the "Manage Subscribers" tool, a record of the authorization date is saved and therefore the regulations are complied with.
2- If the organization is not sure of the origin of the data or at some time has made subscriptions on behalf of the target people but without their express authorization, Abcore Cadí facilitates the tools to make a massive email in which people are required to fill in the express authorization form for future mailings. The answer arrives via forms and maintains the registries updated and with the registered authorizations.
As an example, from iWith.org we have communicated it by email with this text:
Theme: We help to apply the new data protection regulation, GDPR
Next May 25th, the new General Data Protection Regulation, the GDPR, will come into force, which implies that we need your consent to be able to send any information.
We write to you because we are collaborating, because you use some of the services of iWith.org or because we have had some relationship related to the application of Information and Communication Technologies (ICT) in the non-lucrative sector. In any case, we want to keep in touch with you.
The new regulation, mandatory for all organizations, allow you to provide your consent for us to send you the information that really interests you. You can authorize us to use your data according to your relationship with us:
A) As a user of any of the services
Recommended if you are using any service managed by iWith.org (email, web, Google adwords, Abcore, Wordpress, etc.)
B) As a person interested in the activities of iWith.org
Recommended for friends, donors, collaborators, and in general people interested in the activities of iWith.org.
C) As a person interested in improving communication in the non-profit sector
Recommended if you follow calls, resources and information related to communication on the Internet, and useful for NGOs and projects to improve society.
Click and fill in your box, so we can continue to inform you of the opportunities offered by the Internet and how we contribute to make the world a better place without collapsing your mailbox.
The new GDPR will also allow you:
-Having access to your personal data and to obtain a copy.
-Requesting the removal of your personal data from our database and/or restricting where your data is used.
-Receiving notification when there is a security breach involving your data.
For any questions or procedure we are always available at suport@iwith.org
Thinking about the organizations of the iWith.org network that do a normal collection and management of personal data, we offer this step by step:
1- Facilita_RGPD
Most of the associations can be adapted very easily using the AGPD program http://www.servicios.agpd.es/Facilita, following the simple instructions and signing the generated documents.
2- Document management
The program generates the documents to be sent to the different parties concerned and the texts to be added at the bottom of the forms.
3- Cookies
Regarding the website, it is necessary to ensure that the standard cookie consent message is configured. More information: http://www.abcore.org/news/es_ES/2017/01/31/0001/el-snippet-de-cookies-actualizado-a-la-ultima-version
4- Analytics
If iWith.org has access to Google Analytics, we already take care of anonymizing the IP.
Otherwise, we suggest that you provide us with editor access, which will allow us to link Adwords with Analytics and the Search Console with Analytics.
You can also turn on the IP Anonymization feature in Google Analytics. More information:
https://privacy.google.com/businesses/compliance/
http://www.blastam.com/blog/5-actionable-steps-gdpr-compliance-google-analytics
5- Consent
For the sending of bulletins and mass mailings, it is necessary to have the express consent of the persons to whom they are addressed.
From iWith.org, in addition to adapting like any other entity, we accompany the organizations of whom we take care of managing the web, newsletters, mass mailing and email accounts. With the Internet service platform Abcore Cadí we include tools that facilitate the fulfillment of the GDPR. The management of Abcore Cadí newsletters allows to fulfill GDPR since a long time ago.
To handle the express authorization of subscribers to newsletters and mass emails Abcore Cadí has two tools:
1- The "Manage Subscribers" complies with the requirements of the GDPR because it manages subscriptions and cancelations to newsletters and it keeps the date on which the person subscribed. If your organization has successfully managed the subscription to newsletters and people have subscribed to the newsletters through the "Manage Subscribers" tool, a record of the authorization date is saved and therefore the regulations are complied with.
2- If the organization is not sure of the origin of the data or at some time has made subscriptions on behalf of the target people but without their express authorization, Abcore Cadí facilitates the tools to make a massive email in which people are required to fill in the express authorization form for future mailings. The answer arrives via forms and maintains the registries updated and with the registered authorizations.
As an example, from iWith.org we have communicated it by email with this text:
Theme: We help to apply the new data protection regulation, GDPR
Next May 25th, the new General Data Protection Regulation, the GDPR, will come into force, which implies that we need your consent to be able to send any information.
We write to you because we are collaborating, because you use some of the services of iWith.org or because we have had some relationship related to the application of Information and Communication Technologies (ICT) in the non-lucrative sector. In any case, we want to keep in touch with you.
The new regulation, mandatory for all organizations, allow you to provide your consent for us to send you the information that really interests you. You can authorize us to use your data according to your relationship with us:
A) As a user of any of the services
Recommended if you are using any service managed by iWith.org (email, web, Google adwords, Abcore, Wordpress, etc.)
B) As a person interested in the activities of iWith.org
Recommended for friends, donors, collaborators, and in general people interested in the activities of iWith.org.
C) As a person interested in improving communication in the non-profit sector
Recommended if you follow calls, resources and information related to communication on the Internet, and useful for NGOs and projects to improve society.
Click and fill in your box, so we can continue to inform you of the opportunities offered by the Internet and how we contribute to make the world a better place without collapsing your mailbox.
The new GDPR will also allow you:
-Having access to your personal data and to obtain a copy.
-Requesting the removal of your personal data from our database and/or restricting where your data is used.
-Receiving notification when there is a security breach involving your data.
For any questions or procedure we are always available at suport@iwith.org
image/jpg
image/jpg
