Page MenuHomePhabricator

Ensure GDPR compatibility of Zynatic and our use of it
Closed, ResolvedPublic


With the switch to the Zynatic membership system most GDPR issues should be resolved.

See e.g.:

We might however need the following:

Event Timeline

On uner-aged members:

Här behöver säkerställas att förälders/vårdnadshavares samtycke kan inhämtas och anges i medlemsregister. Vidare utredning krävs.

A possible solution is the introduction of a checkbox for "parental consent" and a (monthly?) routine for checking that any new member with an age < 16 has this field filled in within e.g. 1 month. Alternatively a text field where a reference to the logged consent can be fileld in.

Draft Personuppgiftsbiträdesavtal received

Zynatic are adding a mechanism for members to explicitly approve of us storing their personal data (and storing that approval).

It's unclear to me how we should handle new members who don't log in. Do we only need a tickbox for this on the paper forms? And can these somehow be linked to the member in Zynatic?

How do we deal with anyone who renews their membership by just pays in the fee (without logging in).

I have broken out the constituent parts as subtasks

Lokal_Profil renamed this task from Ensure Zynatic GDPR compatibility to Ensure GDPR compatibility of Zynatic and our use of it.May 7 2018, 9:50 AM

It would be great if the remaining subtasked could be solved during 2018. They are mainly about writing down the routines which makes the policies easy to live by as part of our everyday work.

Lokal_Profil claimed this task.

This is essentially just a sub-umbrella task with T189098 the remaining task. As such I'll resolve it to decrease the clutter