In this webinar, Antoine Bonicalzi, Marketing Director* for Cyberimpact, will talk about how you can comply with CASL &GDPR by taking a few simple steps. All in simple plain English, no legal jargon guaranteed! Antoine will cover exactly what CASL & GDPR are, and how they apply to your nonprofit so that you’ll be ready to make 2019 your best data privacy & consent driven year yet.
In this webinar you will learn:
- How to handle your contacts’ personal data
- How to obtain & handle meaningful consent
- The types of software to help you stay compliant
- The channels of communication (e-mail & other digital communication) you can use to promote your work while remaining compliant
* Please note that Antoine is not a lawyer, the content of this webinar does not constitute legal advice. For legal advice, please consult legal experts.
3. The content presented by Cyberimpact is for
informational purposes only, and is a general
interpretation of the law.
This information should not be interpreted as legal
advice. If you are seeking legal advice, please consult
your lawyer.
14. What is the GDPR?
The General Data Protection Regulation (GDPR) is the European Union’s
(EU) new privacy law. Its aim is to give greater protection and rights to
individuals in the EU in regards to the collection and use of their personal
data.
15. Does it apply to your organization?
If your organization has members, donors or website visitors in the EU,
you must be in compliance with the GDPR.
Also, if you collect personal data from European citizens (for example,
through a subscription form on your website) and/or, send commercial
emails, the GDPR applies to you and it is your duty to comply.
16. What do we mean by personal data?
By personal data, we mean anything that can identify an individual.
● Age
● Ethnicity
● Gender
● Postal Address
● Job Position
● Biometric data such as fingerprints and facial recognition
● Medical information
● Unique identifiers such as IP address, location data, email address, etc.
17. The 3 actors of the GDPR
The GDPR makes the distinction between 3 actors.
Data Subject: The person whose personal data is being collected, which could
be users, website visitors, or members.
Data Controller: The entity who is asking users, website visitors, or customers for
their personal information. Your organization would be considered the data
controller.
Data Processor: A third party that processes and stores the data on behalf of the
data controller. For example, Cyberimpact is a data processor.