HOW GDPR CAN AFFECT YOUR CLUB
WHAT IS ALL THE FUSS ABOUT GDPR?
Unless you’ve been living in a cave located on a desert island with no Internet, you’ve been hearing a lot about GDPR this and GDPR that. You probably know that GDPR is a European data privacy initiative that has caused many, if not most, businesses and organisations to reconsider how they solicit permission to collect, and manage personal data as well as how those organisations and businesses actually collect and manage that data.
If your job is administrating or marketing related for your organisation, club, or association; you’ve probably been wondering how data guidelines affect you if you do any online marketing or data collection.
Here at Member Jungle, we provide tools that help organisations do both online marketing and manage data collected, using our member management software. We encourage every member-based group to use online marketing and membership management automation, so for the organisations that use our software and also clubs that already are or are considering doing any digital marketing work, this article is for you.
THE GENERAL DATA PROTECTION REGULATION FOR AUSTRALIAN CLUBS
The GDPR is short for “General Data Protection Regulation” and it’s the biggest change in data protection laws in the last twenty years. In short, it legislates giving European citizens control over their personal data. Notice I said “European citizens” — so why is the whole world changing their data policies with this new law?
That’s because Europe tends to lead the world on matters of data privacy and with the recent revelations about data misuse, plenty of people are justifiably concerned about how their data is handled. If you do any marketing beyond our fair continent you may be marketing to citizens of countries that enforce GDPR. Also, as the office of the Australian Information Commissioner points out in the online document Australian businesses and the EU General Data Protection Regulation; “Australian businesses of any size may need to comply if they have an establishment in the EU, if they offer goods and services in the EU, or if they monitor the behaviour of individuals in the EU.”
You can download the PDF here:
Privacy business resource 21: Australian businesses and the EU General Data Protection Regulation (GDPR)
TEN STEPS TO PREPARE FOR THE GENERAL DATA PROTECTION REGULATION (GDPR)
Broadly, you can comply when you collect personal data online for your association by using a checkbox, without a default selection, together with by clear language about what you will do with the data you collect. Requirements can get more complicated when a member or prospective member signs up for a service or buys something. To get specific information about how to keep your Member Jungle site compliant, you can contact us from our support page here.
Contact The Team At Member Jungle. Easy Membership Management.
Publicise - Ensure that key people in your organisation or association know that the law is changing to the GDPR.
Consent - Review how you seek, record and manage data consent when collecting personal information for your club and whether you need to make any changes. Update existing consents now if they don’t meet the GDPR standard.
Information Maintained - Document what personal data your club collects and maintains, its source and who you share it with.
Privacy Notice - Review your membership organisation's active privacy notices and plan in place to make any necessary changes for your GDPR implementation.
Data Breaches - Develop procedures to identify, report and investigate a personal data breach.
Individuals’ Rights - Review your club’s processes to ensure to respect all the rights individuals have, including how you would delete personal data or provide data electronically and in a user-friendly format.
User Access Requests - Update your organisational procedures to handle user requests within the new time limits and provide any additional information.
Lawful Basis for Handling Personal Data - State the lawful basis for your data activity in the GDPR, document it and update your privacy notice to explain it.
Age - Do you need to put systems in place to verify members’ ages and does your organisation need to obtain parental or guardian consent for any data processing activity.
Data Protection Officers - Designate someone to take responsibility for data protection compliance and assess where this role will sit within your organisation’s structure and governance.
Hopefully, now you have all the essential knowledge about our good friend, GDPR. Remember, that as a Member Jungle client, we can help you with this by supplying all the necessary tools that help organisations do both online marketing and manage data collected, using our member management software.