Data Use & Protection

From Freegle Wiki
Revision as of 14:49, 14 September 2017 by Jc4freegle (talk | contribs) (added in bits on GDPR)
Jump to navigationJump to search

This page is to explain what personal data Freegle keeps, why it keeps it and what it does with it, it terms of processing, protecting and deleting it. Hopefully this is a straight forward explanation for freegle members. There is also a link to our Data Protection Policy which is more detailed and it so we can show our compliance to relevant data protection legislation.

Where does Freegle keep data?

The majority of data freegle has is kept in the platform we call Freegle Direct see [1]. This is where all groups are held (apart from those in Norfolk [2] and the few groups still only on Yahoo groups) and the freegle posts are shown. As Freegle Direct works with Yahoo groups where they can co-exist then Yahoo does keep other data that Freegle itself doesn't keep. Also Freegle Direct allows users to login using their Google, Yahoo or Facebook credentials that are authenticated by those services, so the data kept and the compliance of those companies with the legislation is up to them.

In addition the national volunteers keep data about their roles such as finance, media and IT development. !!!!We need to audit what personal data is kept beyond personal emails to quantify and set policy here. !!!

Finally local groups may keep information about how the group is running. We are currently (April 2017) looking into what local groups typically keep so we can advise them and come up with the appropriate guidance and policy.


What Personal data does Freegle keep?

Freegle keeps little personal data, and nothing that would be called sensitive.

Personal Data on Freegle Direct : - email address - User name - Post code

Although this information may not directly identify an individual, it may do if their real name was in their email address.

Additionally if the Address book function is used - Post Code (user could enter a different one to that stored with the membership detail) - Directions - Often this will contain the user's address and other detail to help others navigate to their address)


How does Freegle ensure it complies with Data Protection Law?

Freegle relies on trust to continue to work. Therefore it takes its responsibilities seriously around data protection. We fully comply with current UK law in this area, even though we are not required by the Information Commissioner's Office to register.

We are currently reviewing what we do to ensure that we are compliant with the new EU laws called the General Data Protection Regulation, commonly known as GDPR [3] for short that takes effect from 25th April 2018. The UK government have stated that they will be transferring GDPR into UK law, so it will be relevant post any Brexit decisions.

Key Elements of GDPR and what Freegle are doing

Consent -


Useful Links