Organization-Guide/Workfiles/App/GDPR.md


GDPR

  • Applies to all personal data, i.e. any data that can be used to identify a person, directly or in combination with other data
  • Collection must be for specific, stated use case(s); the data may not later be reused for an unrelated purpose
  • Data needs to be accurate and kept up to date
  • Data must not be stored longer than necessary for its purpose; longer storage is only allowed for archiving, research, or statistical purposes
  • User must be allowed to request deletion (store a collection timestamp per record so retention periods can be checked and expired data purged)
  • Collected data must be optional unless absolutely required for the purpose (e.g. HR data, customer info for invoicing, etc.). All other data requires consent of the data subject
  • For consent-based processing of online services the person must be at least 16 years old (member states may lower this to 13); below that, a parent or guardian must consent
  • Data breaches must be reported to the supervisory authority within 72 hours of becoming aware of them; affected persons must be informed without undue delay if the breach poses a high risk to them

Processing

  • Consent must be given by the person, and the controller must be able to demonstrate that it was given. Therefore it must be an opt-in checkbox (unchecked by default) and not a pre-ticked checkbox that the person has to deactivate.
  • Alternatively, processing without consent is allowed when it is necessary for the contract (e.g. issuing an invoice, etc.)
  • User may request a copy of what data is stored about them (right of access)