Toastmasters Legal GDPR Guidelines (General Data Protection Regulation)
Change in law from 25 May 2018
Toastmasters Legal department have now issued Guidelines to all Clubs across Europe, including District 91. Follow the links below:
- GDPR Guide – Find answers to common GDPR questions
- GDPR Guidance Chart – See how the process works step by step
- Club Privacy Notice – This notice must be signed by all Members and Guests of your Club
Toastmasters Legal department, also recommend you to visit the Guide to the GDPR to learn more about the regulation and to access useful tools. You can contact TI Legal at email@example.com, if you have any questions.
In addition, ALL Clubs should convene a Committee Meeting before 25 May 18 (either in person or online) to review the Guidelines and to document the steps necessary to be compliant. You might like to consider asking and answering the following questions:
- What? – Data do you hold?
- Where? – is it held? Online, on personal computers, on paper?
- Who? – has access to the data? Current Officers or past?
- How? is your data secured? Password protected? Online password protected only?
As a District we will be reviewing the compliance of GDPR at our District Officer Training session in June and then at Club Officer training which will be followed by Area Director visits to each club.
Working together, I am sure D91 will soon become fully GDPR Compliant.
There are 12 steps to consider, please could you ensure that ALL club Presidents and VPE’s have reviewed all the steps, with particular attention to the following:
- Information you hold
- Communicating privacy information
- Individuals’ rights
- Subject access requests
9. Data Breaches
11. Data Protection Officers
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Ref: GDPR -Wikipedia