The European General Data Protection Regulation will be applicable as of
May 25th, 2018 in all member states to harmonize data privacy laws across Europe.

This new regulation applies to any individual or organization that holds data on any citizen (customer, voter, etc). There are six founding principles upon which GDPR is based. We have provided several features to assist you in becoming GDPR compliant. 

KEY FEATURES FOR GDPR COMPLIANCE

Privacy Compliance Dashboard 

Your campaign Privacy Compliance Dashboard is a transparent view where you identify the contact information for your Data Controller and Data Protection Officer :

Within the same dashboard, you can map the individual personal data fields with the legitimate, lawful purpose for processing that information, in compliance with Article 13 section 2. Your custom fields are included as part of the purpose mapping :

Data Minimization

With GDPR, you need to ensure the personal data that you capture is adequate, relevant and limited. You need to ensure that you are only storing the minimum amount of data required for your purpose, this is Data Minimization.
We recommend that you review all your Custom Fields, and remove any fields that do not meet this requirement.

Subject Access Requests

Under the new regulation, individuals have the right to see what information you hold about that person. In response to a Subject Access Request, you can share all personal information that you hold about that individual by viewing that persons data record on the People Page. Individuals have the right to have their data updated or removed, which you can do through editing or deleting that persons record, again from the People Page.
 

Storage Limitations

All of your campaign data is securely stored in an encrypted cloud based database for the duration of your contract.
You can remove any information which you no longer require including people, houses and imported files by deleting these from the dashboard.
This will be removed instantly from the dashboard and app, and permanently removed from the database within one month.

Obtaining Consent

The new e-signature consent feature is available through the Ecanvasser app.
You can capture a person's consent along with their e-signature as evidence of consent should you need to contact a person in the future for a specific purpose.
The consent statement needs to be a clear and unambiguous message, which provides individuals with 4 options of consent:

  1. to be contacted regarding ongoing issue(s) which the individual has reported*
  2. to receive updates regarding this campaign for the duration of the campaign
  3. to receive news updates regarding this candidate
  4. to receive information regarding volunteer events**

On your campaign settings page, you can control which consent is being captured by toggling the consent types* on or off. 

*Consent to receive updates on an issue is only presented after an issue has been reported
**Consent to receive Volunteer Updates is only presented a person has indicated they are a volunteer

Did this answer your question?