Toastmasters Legal GDPR Guidelines (General Data Protection Regulation)

Change in law from 25 May 2018

In addition to the official GDPR documents provided by Toastmasters International Legal team, members of D91, led by Rory Graves (Grosvenor Square Speakers), Jason Thompson,(Area K59 Director), Mikhail Krivoshein (Russian English Speakers) and many others, have collaborated to create the following documents, which are available for all clubs to download and amend for use:

Toastmasters Legal department Guidelines

Toastmasters Legal department have now issued Guidelines to all Clubs across Europe, including District 91. Follow the links below:

Toastmasters Legal department, also recommend you to visit the Guide to the GDPR to learn more about the regulation and to access useful tools. You can contact TI Legal at, if you have any questions.

Implementing GDPR across D91

By now, ALL Clubs should have convened a Committee Meeting to review the Guidelines and to document the steps necessary to be compliant. You might like to consider asking and answering the following questions:

  • What?  – Data do you hold?
  • Where? – is it held? Online, on personal computers, on paper?
  • Who? – has access to the data? Current Officers or past?
  • How? is your data secured? Password protected? Online password protected only?

Further reading:

Preparing for the General Data Protection Regulation

There are 12 steps to consider, please could you ensure that ALL club Presidents and VPE’s have reviewed all the steps, with particular attention to the following:

  1. Awareness
  2. Information you hold
  3. Communicating privacy information
  4. Individuals’ rights
  5. Subject access requests
    7. Consent
    9. Data Breaches
    11. Data Protection Officers

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Ref: GDPR -Wikipedia

Comments are closed.