THIS MONTH, THE new General Data Protection Regulation (GDPR) becomes law: that’s why, if you are on a commercial mailing list, you’ll have been asked to sign up for it again under new conditions. Bird clubs will also need to comply with GDPR, so I asked the consultant advising Kelsey Media for some suitable guidelines. He said:
“GDPR just takes the existing data protection laws a step further, so that all the people that clubs engage with will have clearer rights on personal information. Clubs need to review what information they hold concerning their members, and ask themselves:
■ Do we only have what we really need to know about someone on our system?
■ Do we delete old emails and old paper records that are no longer needed?
■ When someone joins the club or resubscribes, do we explain what we will do with the information they provide, whom we may share it with and how long we will keep it?
■ Do we hold it securely so no unauthorised person has access?
■ Do we have a plan if any data gets lost?
If the answer is YES, you are well on your way to being GDPR-compliant and if you have answered NO you can change the way you currently work by doing these things. The key points are:
■ Don’t keep anything you don’t need for longer than you have to.
■ Make sure you have the right permissions in place.
■ Always be up front and honest about what you are going to do with the info a person shares with you.
■ If you identify a risk in the way you are working with personal data, document and correct it so you can evidence the change.”
Meanwhile, enjoy your birds this week.