does anyone deal with GDPR for non-profit networking organizations? I have a question regarding "reconfirming consent".
Does "reconfirming consent" mean I have to contact members of a networking organization to ask them if they want to stay members of the organization? Or does reconfirming consent only apply to newsletters?
We don't have regular newsletters or the like. We only contact members via email regarding application deadlines for our mentorship program and an award we grant, or events we organize.
This video might help?
GDPR: Why you DON'T need to delete your subscriber list on 25th May and 3 practical actions you can take instead. Here's the link to the ICO's 'Lawful Basis For Processing' guidelines: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/ Here's the link to Heather Burns' practical webinar on how to get your business GDPR-ready: https://www.5minute.biz/gdpr/ If you want to write to your MP / Elizabeth Denham at the ICO, asking for a light touch extension for micro businesses until 31st December, I suggest you include: * What you ARE doing to comply already* Where, specifically, you are struggling to comply (e.g. reconfirmation / software providers not offering tick boxes for granularity of consent)* How this could damage your business - the unintended consequences of this legislation Please let me know via the comments how you get on with this.
Posted by Clare Josa on Friday, May 4, 2018
And here's the link from the ICO on the different legal justifications for contacting people:
I don't know the details of your situation, but I'd say that contacting people comes under 'legitimate interests', rather than 'consent'.
Have a look at these resources and let me know what you think.