mirror of
https://github.com/Karaka-Management/Organization-Guide.git
synced 2026-01-11 21:08:41 +00:00
# GDPR
* All personal data or data which can be used to identify a person
* Collection must be for specific use case(s)
* Data needs to be accurate (updated)
* Data mustn't be stored longer than necessary OR for archiving, or statistical purposes.
* User must be allowed to request deletion (store datetime for interval analysis)
* Data must be optional unless absolutely required (e.g. HR data, customer info for invoice etc.). All other data requires approval by holder.
* Person must be at least 16 years old
* Data breaches must be published after 72 hours
## Processing
* Consent must be given by the person (it must be possible to demonstrate this consent). Therefore it must be an activation checkbox and not a deactivation checkbox.
* Must be necessary for the contract (e.g. writing invoice etc.)
* User may request what data is stored