Data Use & Protection: Difference between revisions
Jc4freegle (talk | contribs) |
(29 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
This page is to explain what personal data Freegle keeps, why it keeps it and what it does with it, | This page is to explain what personal data Freegle keeps, why it keeps it and what it does with it, in terms of processing, protecting and deleting it. Hopefully, this is a straight forward explanation for Freegle volunteers and members. <br> | ||
There | There are links at the bottom to other pages relevant to Data Protection such as our Policy. | ||
== Where does Freegle keep data? == | == Where does Freegle keep data? == | ||
Line 12: | Line 12: | ||
! scope="col" style="width: 300px;" | Personal Data types held | ! scope="col" style="width: 300px;" | Personal Data types held | ||
|- | |- | ||
| 1. The Freegle System || The majority of data | | 1. The Freegle System || The majority of data that Freegle has is kept in the system we call Freegle Direct see [http://ilovefreegle.org].<br> This is where all groups are held and the Freegle posts are shown. Also Freegle Direct allows users to login using their Google, Yahoo or Facebook credentials that are authenticated by those services, so the data kept and the compliance of those companies with the legislation is up to them.|| Membership Details (email and Postcode)<br> Address Book (Postcode & user supplied directions text) | ||
|- | |- | ||
| 2. National volunteers || The national volunteers who run things for Freegle that aren't directly for a local groups, | | 2. National volunteers || The national volunteers, who run things for Freegle that aren't directly for a local groups, keep data about their areas such as finance, media and IT development etc. We surveyed these volunteers and essentially they keep limited personal data such as email addresses and in some cases postal addresses. These tend to be kept in local or group email accounts and in Google docs with restricted access. || Email contacts (email address)<br> Board Member & Shareholders postal details | ||
|- | |- | ||
| 3. Local groups volunteers || Local volunteers tend to only have personal data of local members such as their email addresses for when they are dealing with queries. || Membership details (email addresses) | | 3. Local groups volunteers || Local volunteers tend to only have personal data of local members such as their email addresses for when they are dealing with queries. || Membership details (email addresses) | ||
Line 21: | Line 21: | ||
== What Personal Data does Freegle keep on its system? == | == What Personal Data does Freegle keep on its system? == | ||
Freegle keeps little personal data, and nothing that would be called sensitive. | Freegle keeps little personal data, and nothing that would be called sensitive in legal terms, so nothing like health or financial data. | ||
Personal Data on Freegle Direct : | Personal Data on Freegle Direct : | ||
Line 33: | Line 33: | ||
|} | |} | ||
Although this information may not directly identify an individual, it may do if their real name was in their email address. | Although this information may not directly identify an individual, it may do if their real name was in their email address and if combined with their post code. | ||
== How does Freegle Process this data? == | |||
{| class="wikitable" | |||
! Function | |||
! Processing by Freegle direct (In summary) | |||
|- valign="top" | |||
| Membership Functions || Maintaining settings and groups aligned with a member;<br> Aligning logins from other systems (Google, Yahoo, Facebook) with the user's Freegle membership | |||
|- | |||
| Emailing Members|| Sending emails in line with member specified preferences containing: groups posts, automatic prompts, local moderator admin messages and national campaigns | |||
|- | |||
| Collated member information || Creates a summary set of information about members so other members can see their previous activity | |||
|} | |||
== How does Freegle ensure it complies with Data Protection Law? == | == How does Freegle ensure it complies with Data Protection Law? == | ||
Freegle relies on trust to continue to work.<br> Therefore, it takes its responsibilities seriously around data protection, not just to comply legally but also not to use data in a way that members | Freegle relies on trust to continue to work.<br> Therefore, it takes its responsibilities seriously around data protection, not just to comply legally but also not to use data in a way that members wouldn't expect it to be. <br> So we don't share data with other organisations (other than to run groups with TrashNothing) and never sell it. <br>Freegle fully complies with current UK law in this area, even though we are not required by the Information Commissioner's Office to register our organisation. | ||
We are currently reviewing what we do to ensure that we are compliant with the new EU laws called the General Data Protection Regulation, commonly known as GDPR [http://http://www.eugdpr.org/] for short, which takes effect from 25th April 2018. The UK government have stated that they will be transferring GDPR into UK law, so it will be relevant post any Brexit decisions. | We are currently reviewing what we do to ensure that we are compliant with the new EU laws called the General Data Protection Regulation, commonly known as GDPR [http://http://www.eugdpr.org/] for short, which takes effect from 25th April 2018. The UK government have stated that they will be transferring GDPR into UK law, so it will be relevant post any Brexit decisions. | ||
== Key Elements of GDPR and what Freegle | == Key Elements of GDPR and what Freegle will be doing == | ||
{| class="wikitable" | {| class="wikitable" | ||
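Review bot: The GDPR link in the paragraph just above the "Key Elements" heading, `[http://http://www.eugdpr.org/]`, has its scheme doubled and will not resolve. This revision edits the heading next to it but carries the link over unchanged on both sides. Suggest `[http://www.eugdpr.org/ GDPR]`, which also gives the link a label instead of the bare footnote number it renders as now.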
Line 51: | Line 62: | ||
! What Freegle are doing | ! What Freegle are doing | ||
|- valign="top" | |- valign="top" | ||
| | | Legal Basis for Processing || GDPR legislation requires that organisations have a legal basis for processing data. There are six basis that can be used a. Consent, b. Contract, c. Legal obligation, d. Vital Interest, e. Public task, f. Legitimate Interest || Freegle will use Legitimate Interest as the legal basis for Processing | ||
|- | |- | ||
| | | Legitimate Interest || We believe this legal basis balances the rights of our members with the benefits that Freegle brings to society and the environment. || Freegle has chosen legitimate interest as a legal basis as we only keep very limited personal data, we use this only in ways directly related to providing a way to facilitate re-use transactions between members. Members have ways to see all data we keep and have the ability to remove themselves and their data from the system without hindrance. | ||
|- | |- | ||
| Right to be forgotten || This means that you have the right to have your personal data erased on request, or if it is no longer relevant to the processing that consent was given for. || Freegle will enable you to have erased the personal data in the Address Book function. However if you want to erase your membership data then it will mean that your membership login will be deleted. In addition policy and guidance will ensure that we keep the minimum data needed only for the time | | Right to Access & Data Portability || You can obtain confirmation from an organisation if they are processing your personal data. You also have the right to get a copy of any personal data held in a standard electronic format, so you can transfer it to other organisations. || Freegle Direct will be adding in a function under the settings tab to enable you to download all of your personal data and settings. | ||
|- | |||
| Right to be forgotten || This means that you have the right to have your personal data erased on request, or if it is no longer relevant to the processing that consent was given for. || Freegle will enable you to have erased the personal data in the Address Book function. However if you want to erase your membership data then it will mean that your membership login will be deleted. In addition policy and guidance will ensure that we keep the minimum data needed only for the time it's appropriate. | |||
|- | |- | ||
| Privacy by Design || This means that the systems your data is held on need to be designed to keep the minimum data necessary for the completion of its duties (data minimisation), as well as limiting the access to personal data to those needing to act out the processing. || Freegle already has access protection in for its Freegle Direct system and keeps the least personal data possible to deliver the Freegle services. | | Privacy by Design || This means that the systems your data is held on need to be designed to keep the minimum data necessary for the completion of its duties (data minimisation), as well as limiting the access to personal data to those needing to act out the processing. || Freegle already has access protection in for its Freegle Direct system and keeps the least personal data possible to deliver the Freegle services. | ||
|- | |- | ||
| Breach Notification || Under the GDPR, breach notification will become mandatory where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. This must be done within 72 hours of first having become aware of the breach. Organisations will also be required to notify their customers “without undue delay” after first becoming aware of a data breach. || If Freegle became aware of any breach or hack as | | Breach Notification || Under the GDPR, breach notification will become mandatory where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. This must be done within 72 hours of first having become aware of the breach. Organisations will also be required to notify their customers “without undue delay” after first becoming aware of a data breach. || If Freegle became aware of any breach, or hack as it's more commonly known, we will let our members know via email and the UK Data Protection Authority. Luckily we don't keep anything sensitive, and therefore its unlikely to risk anyone's rights or freedoms. | ||
|- | |- | ||
| Penalties || If an organisation violates the GDPR regulations it can be fined up to 4% of its annual global turnover || We at Freegle understand this is aimed at big corporations so they take it seriously. We too take it seriously as without the trust of our members Freegle wouldn't be able to function. | | Penalties || If an organisation violates the GDPR regulations it can be fined up to 4% of its annual global turnover || We at Freegle understand this is aimed at big corporations so they take it seriously. We too take it seriously as without the trust of our members Freegle wouldn't be able to function. | ||
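Review bot: The new Breach Notification wording concludes that a breach is "unlikely to risk anyone's rights or freedoms", which sits awkwardly with the page's own statements that the Address Book directions field often contains the user's address and that an email address combined with a post code may identify a person. Suggest replacing the blanket conclusion with a statement that the risk is assessed for each breach, and keeping the commitment to notify members and the authority. The same sentence also has "its unlikely" where "it's unlikely" is meant.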
Line 66: | Line 79: | ||
|} | |} | ||
== Freegle's Legitimate Interest Assessment == | |||
The Information Commissioner's Office suggest that if you use a Legitimate Interest basis of processing, you should conduct a Legitimate Interest Assessment [LIA]. An LIA is a type of light-touch risk assessment based on the specific context and circumstances. It will help ensure that our processing is lawful. Having an LIA will also help Freegle demonstrate compliance in line with it's accountability obligations under Articles 5(2) and 24. Therefore here below is our LIA. | |||
'''Identify the legitimate interest(s)''' | |||
''' | Why do you want to process the data – what are you trying to achieve? '''Freegle Answer [FA] >>''' To enable individuals who have joined Freegle to gain reuse of their unwanted items to others in their locality. <br> | ||
Who benefits from the processing? In what way? - '''FA >>''' The individual Freegle member in enabling reuse of their items and the environment as less waste goes to landfill or incineration. <br> | |||
Are there any wider public benefits to the processing? - '''FA >>''' There is a wider public benefit that reuse aids the environment and can reduce volumes of landfill that are an expense to the public to process. <br> | |||
How important are those benefits? - '''FA >>''' In the UK there is a shortage of landfill so the work of Freegle are important to tackling the environmental impact of waste. <br> | |||
What would the impact be if you couldn’t go ahead? - '''FA >>''' Many hundreds of tonnes of waste per year would be added to the waste stream that ends up in Landfill. <br> | |||
Would your use of the data be unethical or unlawful in any way? - '''FA >>''' Freegle's use of personal data would not be unlawful or unethical, as our community depends heavily on the trust of its members. Freegle has data protection policies to ensure it is used responsibly and only for the stated aims of the organisation individuals are a member of. <br> | |||
''' | '''Is the Processing Necessary''' | ||
Does this processing actually help to further that interest? - '''FA >>''' The processing of a very limited set of personal data (email address and location) helps people advertise unwanted items for re-use to others in their locality. Not processing this information would render the service of much less use to the individuals who joined Freegle and therefore the the environment for the public more generally. <br> | |||
Is it a reasonable way to go about it? - '''FA >>''' This limited and focused processing is entirely reasonable and in line with the expectations of the individuals that join Freegle. <br> | |||
Is there another less intrusive way to achieve the same result? - '''FA >>''' There is no less intrusive way to effectively enable the exchange of items for reuse between members, as without this basic information posts to offer items would not be able to be replied to nor the seeker know where the item was. <br> | |||
'''Is the processing balanced against individual rights ?''' | |||
What is the nature of your relationship with the individual? - '''FA >>''' All individuals are members of the Freegle service by choice, as they sign up to further enable them to gift or seek items for reuse. <br> | |||
Is any of the data particularly sensitive or private? - '''FA >>''' No, there is no sensitive data kept. <br> | |||
Would people expect you to use their data in this way? - '''FA >>''' Individuals join Freegle specifically for this service, so they would expect their data to be used in this way. <br> | |||
Are you happy to explain it to them? - '''FA >>''' Yes we are very happy to explain it to them. This is mostly done by information on open Wiki pages (including this one) detailing everything we do. Additionally, we have also assigned a Data Protection Officer role despite not being required to due to not keeping sensitive data. <br> | |||
Are some people likely to object or find it intrusive? - '''FA >>''' Having reviewed our use we cannot foresee any reasonable objections to the use of the data in the way we process it. <br> | |||
What is the possible impact on the individual? - '''FA >>''' The most serious impact we can foresee with the release of data, is the a member who has not posted an item could possibly be identified by name and area they live. This could happen if they have their real name in their email address and it is associated with their postal area. <br> | |||
How big an impact might it have on them? - '''FA >>''' A member may feel that their privacy is impacted, although as most members would make this information public when they post an item it would be a risk they are likely comfortable with. <br> | |||
Are you processing children’s data? - '''FA >>''' Our policy is not to process children's data. <br> | |||
Are any of the individuals vulnerable in any other way? - '''FA >>''' No the freegle system does not make individuals vulnerable in any way greater than normal use of the internet. <br> | |||
Can you adopt any safeguards to minimise the impact? - '''FA >>''' As this is the only basic personal data we keep there are no other safeguards beyond our internal security measure that we can take. <br> | |||
Can you offer an opt-out? - '''FA >>''' If the individual is a member then we cannot offer an opt-out of the standard processing we do. There are settings that members have control of to opt in or out of mailing lists and the scope of what they can see when logged into the service. However there is no barrier to individuals leaving the service. <br> | |||
== What about users of TrashNothing? == | == What about users of TrashNothing? == | ||
Trashnothing is a system that fronts Freegle and other systems such as Freecycle. If you have a TrashNothing account then the TrashNothing system keeps your membership details (email address & Postcode) and any Freegle group in connects you with also has this data. Trashnothing has its own Data Protection mechanisms, for more information see here [https://trashnothing.com/privacy]. | Trashnothing is a system that fronts Freegle and other systems such as Freecycle. If you have a TrashNothing account then the TrashNothing system keeps your membership details (email address & Postcode) and any Freegle group in connects you with also has this data. Trashnothing has its own Data Protection mechanisms, for more information see here [https://trashnothing.com/privacy]. | ||
== Useful Links == | == Useful Links == | ||
*[[Data Protection Policy]] - Policies for dealing with Personal Data | *[[Data Protection Policy]] - Policies for dealing with Personal Data | ||
*[[Data Protection Guidelines]] - Guidelines for Volunteers | *[[Data Protection Guidelines]] - Guidelines for Volunteers | ||
*[[Data Protection Compliance - Volunteer Task list]] - Ongoing and completed tasks | |||
*[[Spam]] - further explanation to counter accusations that we spam! | *[[Spam]] - further explanation to counter accusations that we spam! | ||
*[[Basic Information]] | *[[Basic Information]] | ||
*[[Admin]] | *[[Admin]] | ||
*Link to message from DPO on leaving the EU on 31st December 2020 [[https://discourse.ilovefreegle.org/t/brexit-and-data-protection-gdpr/2570]] | |||
[[category:Admin]] [[category:Freegle Direct]] [[category: Data Protection]] | [[category: Admin]] [[category: Freegle Direct]] [[category: Data Protection]] |
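Review bot: The added Useful Links entry wraps an external URL in double brackets, `[[https://discourse.ilovefreegle.org/...]]`, which is internal-link syntax; the rendered page shows the result as "[[4]]" with stray brackets. Use single brackets with a label, for example `[https://discourse.ilovefreegle.org/t/brexit-and-data-protection-gdpr/2570 message from the DPO]`. In the new Legitimate Interest Assessment intro, "it's accountability obligations" should also read "its".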
Latest revision as of 09:39, 18 December 2020
This page is to explain what personal data Freegle keeps, why it keeps it and what it does with it, in terms of processing, protecting and deleting it. Hopefully, this is a straightforward explanation for Freegle volunteers and members.
There are links at the bottom to other pages relevant to Data Protection such as our Policy.
Where does Freegle keep data?
There are three areas that we need to consider when we talk about where the Freegle organisation keeps personal data:
Area | Description | Personal Data types held |
---|---|---|
1. The Freegle System | The majority of data that Freegle has is kept in the system we call Freegle Direct (see http://ilovefreegle.org). This is where all groups are held and the Freegle posts are shown. Freegle Direct also allows users to log in using their Google, Yahoo or Facebook credentials, which are authenticated by those services, so the data those companies keep and their compliance with the legislation are up to them. | Membership Details (email and Postcode); Address Book (Postcode & user supplied directions text) |
2. National volunteers | The national volunteers, who run things for Freegle that aren't directly for a local group, keep data about their areas such as finance, media and IT development. We surveyed these volunteers and essentially they keep limited personal data such as email addresses and in some cases postal addresses. These tend to be kept in local or group email accounts and in Google Docs with restricted access. | Email contacts (email address); Board Member & Shareholders postal details |
3. Local groups volunteers | Local volunteers tend to only have personal data of local members such as their email addresses for when they are dealing with queries. | Membership details (email addresses) |
What Personal Data does Freegle keep on its system?
Freegle keeps little personal data, and nothing that would be called sensitive in legal terms, so nothing like health or financial data.
Personal Data on Freegle Direct :
Function | Personal data recorded |
---|---|
Membership Detail | Email address; user name; post code |
Address Book | Post code (the user could enter a different one to that stored with the membership detail); directions (often this will contain the user's address and other detail to help others navigate to their address) |
Although this information may not directly identify an individual, it may do if their real name was in their email address and if combined with their post code.
How does Freegle Process this data?
Function | Processing by Freegle Direct (in summary) |
---|---|
Membership Functions | Maintaining settings and groups aligned with a member; aligning logins from other systems (Google, Yahoo, Facebook) with the user's Freegle membership |
Emailing Members | Sending emails in line with member-specified preferences containing: group posts, automatic prompts, local moderator admin messages and national campaigns |
Collated member information | Creates a summary set of information about members so other members can see their previous activity |
How does Freegle ensure it complies with Data Protection Law?
Freegle relies on trust to continue to work.
Therefore, it takes its data protection responsibilities seriously, not just to comply legally but also so that data is not used in a way that members wouldn't expect.
So we don't share data with other organisations (other than to run groups with TrashNothing) and never sell it.
Freegle fully complies with current UK law in this area, even though we are not required by the Information Commissioner's Office to register our organisation.
We are currently reviewing what we do to ensure that we are compliant with the new EU law called the General Data Protection Regulation, commonly known as GDPR for short (http://www.eugdpr.org/), which takes effect from 25th April 2018. The UK government has stated that it will be transferring GDPR into UK law, so it will be relevant after any Brexit decisions.
Key Elements of GDPR and what Freegle will be doing
GDPR Area | What this means | What Freegle are doing |
---|---|---|
Legal Basis for Processing | GDPR legislation requires that organisations have a legal basis for processing data. There are six bases that can be used: a. Consent, b. Contract, c. Legal obligation, d. Vital Interest, e. Public task, f. Legitimate Interest | Freegle will use Legitimate Interest as the legal basis for Processing |
Legitimate Interest | We believe this legal basis balances the rights of our members with the benefits that Freegle brings to society and the environment. | Freegle has chosen legitimate interest as a legal basis because we only keep very limited personal data, and we use it only in ways directly related to facilitating re-use transactions between members. Members have ways to see all data we keep and have the ability to remove themselves and their data from the system without hindrance. |
Right to Access & Data Portability | You can obtain confirmation from an organisation if they are processing your personal data. You also have the right to get a copy of any personal data held in a standard electronic format, so you can transfer it to other organisations. | Freegle Direct will be adding in a function under the settings tab to enable you to download all of your personal data and settings. |
Right to be forgotten | This means that you have the right to have your personal data erased on request, or if it is no longer relevant to the processing that consent was given for. | Freegle will enable you to have the personal data in the Address Book function erased. However, if you want to erase your membership data then it will mean that your membership login will be deleted. In addition, policy and guidance will ensure that we keep the minimum data needed, and only for the time it's appropriate. |
Privacy by Design | This means that the systems your data is held on need to be designed to keep the minimum data necessary for the completion of their duties (data minimisation), as well as limiting the access to personal data to those who need it to carry out the processing. | Freegle already has access protection in place for its Freegle Direct system and keeps the least personal data possible to deliver the Freegle services. |
Breach Notification | Under the GDPR, breach notification will become mandatory where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. This must be done within 72 hours of first having become aware of the breach. Organisations will also be required to notify their customers “without undue delay” after first becoming aware of a data breach. | If Freegle became aware of any breach, or hack as it's more commonly known, we will let our members know via email and the UK Data Protection Authority. Luckily we don't keep anything sensitive, and therefore it's unlikely to risk anyone's rights or freedoms. |
Penalties | If an organisation violates the GDPR regulations it can be fined up to 4% of its annual global turnover | We at Freegle understand this is aimed at big corporations so they take it seriously. We too take it seriously as without the trust of our members Freegle wouldn't be able to function. |
Data Protection Officer | Under the GDPR, appointing a DPO will be mandatory only for those controllers and processors whose core activities consist of processing operations which require regular and systematic monitoring of data subjects on a large scale or of special categories of data or data relating to criminal convictions and offences. | Although the law doesn't require organisations like Freegle to appoint a Data Protection Officer, we will have a volunteer position to look at this area for us. They can be contacted by email at DPO@ilovefreegle.org |
Freegle's Legitimate Interest Assessment
The Information Commissioner's Office suggests that if you use a Legitimate Interest basis of processing, you should conduct a Legitimate Interest Assessment [LIA]. An LIA is a type of light-touch risk assessment based on the specific context and circumstances. It will help ensure that our processing is lawful. Having an LIA will also help Freegle demonstrate compliance in line with its accountability obligations under Articles 5(2) and 24. Our LIA is set out below.
Identify the legitimate interest(s)
Why do you want to process the data – what are you trying to achieve? Freegle Answer [FA] >> To enable individuals who have joined Freegle to gain reuse of their unwanted items to others in their locality.
Who benefits from the processing? In what way? - FA >> The individual Freegle member in enabling reuse of their items and the environment as less waste goes to landfill or incineration.
Are there any wider public benefits to the processing? - FA >> There is a wider public benefit that reuse aids the environment and can reduce volumes of landfill that are an expense to the public to process.
How important are those benefits? - FA >> In the UK there is a shortage of landfill so the work of Freegle is important to tackling the environmental impact of waste.
What would the impact be if you couldn’t go ahead? - FA >> Many hundreds of tonnes of waste per year would be added to the waste stream that ends up in Landfill.
Would your use of the data be unethical or unlawful in any way? - FA >> Freegle's use of personal data would not be unlawful or unethical, as our community depends heavily on the trust of its members. Freegle has data protection policies to ensure it is used responsibly and only for the stated aims of the organisation individuals are a member of.
Is the Processing Necessary
Does this processing actually help to further that interest? - FA >> The processing of a very limited set of personal data (email address and location) helps people advertise unwanted items for re-use to others in their locality. Not processing this information would render the service of much less use to the individuals who joined Freegle and therefore to the environment and the public more generally.
Is it a reasonable way to go about it? - FA >> This limited and focused processing is entirely reasonable and in line with the expectations of the individuals that join Freegle.
Is there another less intrusive way to achieve the same result? - FA >> There is no less intrusive way to effectively enable the exchange of items for reuse between members, as without this basic information posts offering items could not be replied to, nor would the seeker know where the item was.
Is the processing balanced against individual rights?
What is the nature of your relationship with the individual? - FA >> All individuals are members of the Freegle service by choice, as they sign up to further enable them to gift or seek items for reuse.
Is any of the data particularly sensitive or private? - FA >> No, there is no sensitive data kept.
Would people expect you to use their data in this way? - FA >> Individuals join Freegle specifically for this service, so they would expect their data to be used in this way.
Are you happy to explain it to them? - FA >> Yes we are very happy to explain it to them. This is mostly done by information on open Wiki pages (including this one) detailing everything we do. Additionally, we have also assigned a Data Protection Officer role despite not being required to due to not keeping sensitive data.
Are some people likely to object or find it intrusive? - FA >> Having reviewed our use we cannot foresee any reasonable objections to the use of the data in the way we process it.
What is the possible impact on the individual? - FA >> The most serious impact we can foresee with the release of data is that a member who has not posted an item could possibly be identified by name and the area they live in. This could happen if they have their real name in their email address and it is associated with their postal area.
How big an impact might it have on them? - FA >> A member may feel that their privacy is impacted, although as most members would make this information public when they post an item it would be a risk they are likely comfortable with.
Are you processing children’s data? - FA >> Our policy is not to process children's data.
Are any of the individuals vulnerable in any other way? - FA >> No, the Freegle system does not make individuals vulnerable in any way greater than normal use of the internet.
Can you adopt any safeguards to minimise the impact? - FA >> As this is the only basic personal data we keep, there are no other safeguards beyond our internal security measures that we can take.
Can you offer an opt-out? - FA >> If the individual is a member then we cannot offer an opt-out of the standard processing we do. There are settings that members have control of to opt in or out of mailing lists and the scope of what they can see when logged into the service. However there is no barrier to individuals leaving the service.
What about users of TrashNothing?
TrashNothing is a system that fronts Freegle and other systems such as Freecycle. If you have a TrashNothing account then the TrashNothing system keeps your membership details (email address & Postcode), and any Freegle group it connects you with also has this data. TrashNothing has its own Data Protection mechanisms; for more information see https://trashnothing.com/privacy.
Useful Links
- Data Protection Policy - Policies for dealing with Personal Data
- Data Protection Guidelines - Guidelines for Volunteers
- Data Protection Compliance - Volunteer Task list - Ongoing and completed tasks
- Spam - further explanation to counter accusations that we spam!
- Basic Information
- Admin
- Link to message from DPO on leaving the EU on 31st December 2020: https://discourse.ilovefreegle.org/t/brexit-and-data-protection-gdpr/2570