Toastmasters Legal GDPR Guidelines (General Data Protection Regulation)
Change in law from 25 May 2018
In addition to the official GDPR documents provided by Toastmasters International Legal team, members of D91, led by Rory Graves (Grosvenor Square Speakers), Jason Thompson,(Area K59 Director), Mikhail Krivoshein (Russian English Speakers) and many others, have collaborated to create the following documents, which are available for all clubs to download and amend for use:
- GDPR Guidance Chart – A membership acknowledgement and consent form
- A Guest Privacy Acknowledgement – This can be printed and made available at club meetings
Toastmasters Legal department Guidelines
Toastmasters Legal department have now issued Guidelines to all Clubs across Europe, including District 91. Follow the links below:
- GDPR Guide – Find answers to common GDPR questions
- GDPR Guidance Chart – See how the process works step by step
- Club Privacy Notice – This notice must be signed by all Members and Guests of your Club
Toastmasters Legal department, also recommend you to visit the Guide to the GDPR to learn more about the regulation and to access useful tools. You can contact TI Legal at firstname.lastname@example.org, if you have any questions.
Implementing GDPR across D91
By now, ALL Clubs should have convened a Committee Meeting to review the Guidelines and to document the steps necessary to be compliant. You might like to consider asking and answering the following questions:
- What? – Data do you hold?
- Where? – is it held? Online, on personal computers, on paper?
- Who? – has access to the data? Current Officers or past?
- How? is your data secured? Password protected? Online password protected only?
There are 12 steps to consider, please could you ensure that ALL club Presidents and VPE’s have reviewed all the steps, with particular attention to the following:
- Information you hold
- Communicating privacy information
- Individuals’ rights
- Subject access requests
9. Data Breaches
11. Data Protection Officers
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Ref: GDPR -Wikipedia