Add rensningsrutin for donation information
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Lokal_Profil
	Aug 27 2019, 1:51 PM

Description

Now that we have finally started doing some follow up with the donation information we need a Rensningsrutin to document where the information gets stored and when we prune it. The routine needs to clarify that the financial transaction side of the information is governed by tax rules.

We should set up this information already now even if we may come to change to a different system in the future.

Result:

Files are stored in the Medlemskap&Donationer drive. Access to this is granted to the drivegrupp-medlemskap&donation group of which André, John and Evelina are the only members. Membership of this group should be kept in sync with Zynatic administrator membership. The contents of this drive should be limited to sensitive information, other Membership and Donation related documents should be kept in the Kontor or Ekonomi drives.

Rensningsrutin:
...

Related Objects
Search...

Status	Assigned	Task
Resolved	Evelina-Bang-WMSE	T186784 Thank you notices for donations
Open	None	T185470 [Tracking] GDPR/Privacy at WMSE
Resolved	Lokal_Profil	T266434 GDPR data purge 2020
Resolved	Lokal_Profil	T231324 Add rensningsrutin for donation information

Event Timeline

Lokal_Profil claimed this task.Aug 27 2019, 1:51 PM

Lokal_Profil created this task.

Lokal_Profil moved this task from 📥 Backlog to 📆 This week on the User-LokalProfil board.

Also. Create a new shared Drive in GSuite and a new group which has access to it (André, John, Evelina, Mattias, Sven-Erik(?)). Document that access should be the same as for zynatic

@Evelina-Bang-WMSE: The drive to be used is at https://drive.google.com/drive/folders/0ANrCSGgx9dmPUk9PVA

Lokal_Profil updated the task description. (Show Details)Aug 27 2019, 2:55 PM

Lokal_Profil updated the task description. (Show Details)

Lokal_Profil added a parent task: T185470: [Tracking] GDPR/Privacy at WMSE.Sep 6 2019, 8:13 AM

In T231324#5442020, @Lokal_Profil wrote:

@Evelina-Bang-WMSE: The drive to be used is at https://drive.google.com/drive/folders/0ANrCSGgx9dmPUk9PVA

The contents of this drive should be limited to sensitive information, other Membership and/or Donation related documents should be kept in the Kontor or Ekonomi drives as before.

Evelina-Bang-WMSE mentioned this in T235432: Update data purge instructions.Oct 29 2019, 2:15 PM

Eric_Luth_WMSE edited projects, added WMSE-Association-Involvement-2020; removed WMSE-Association-Involvement-2019.Jan 13 2020, 1:35 PM

Lokal_Profil moved this task from 📆 This week to 📥 Backlog on the User-LokalProfil board.Jan 21 2020, 6:28 PM

@Evelina-Bang-WMSE @Maria_Burehall_WMSE @Jopparn @Historiker
Draft for rensingsrutin, compare to text at wmse:Integritetspolicy#Donationer and other rensningsrutiner at wmse:Integritetspolicy/Registerförteckning och rensningsrutiner

Typ	Lagringsplats	Syfte	Rättslig grund	Säkerhetsklass	Rensningspolicy	Kommentar
Donationsregister	Drive	Ge kvitto och tacka för donationer, informera om kommande insamlingar, rapportering till myndigheter	Intresseavvägning för vårt berättigade intresse att vårda donatorer	2	Rensas efter 2 år.	Information om den finansiella transaktionen vilken krävs för bokföringssyfte rensas i enlighet rutinen för Bokföring

I'm not happy with the phrasing for "Rättslig grund".
I set 2 years to allow us to e.g. ping a Christmas time donor a year (and a bit) later. 2 years feels like the longest we can motivate based on our intended use of the information and the collection of the data not relying on consent.

Lokal_Profil moved this task from Backlog to In progress on the WMSE-Association-Involvement-2020 board.Feb 28 2020, 2:38 PM

Lokal_Profil added a subscriber: Historiker.

Evelina-Bang-WMSE moved this task from Backlog to Evelina on the User-Evelina-Bang-WMSE board.Feb 28 2020, 3:21 PM

Evelina-Bang-WMSE removed a project: User-Evelina-Bang-WMSE.Mar 11 2020, 4:02 AM

Evelina-Bang-WMSE unsubscribed.

New re-phrasing. In part this leans on the fact that we now know we need to report some statistics to Giva Sverige on a yearly basis.

Typ	Lagringsplats	Syfte	Rättslig grund	Säkerhetsklass	Rensningspolicy	Kommentar
Donationsregister	Drive	Ge kvitto och tacka för donationer, informera om kommande insamlingar, rapportering till myndigheter samt sammanställning av årlig statistik.	Intresseavvägning för vårt berättigade intresse att vårda donatorer och analysera donationstrender.	2	Rensas efter 2 år.	Information om den finansiella transaktionen vilken krävs för bokföringssyfte rensas i enlighet med rutinen för Bokföring.

A question is whether we also need to add "Sammanställning av anonymiserad statistik för rapportering" to the Integritetspolicy.

Lokal_Profil added a parent task: T266434: GDPR data purge 2020.Oct 26 2020, 8:22 AM

In T231324#6033781, @Lokal_Profil wrote:

New re-phrasing. In part this leans on the fact that we now know we need to report some statistics to Giva Sverige on a yearly basis.

Typ Lagringsplats Syfte Rättslig grund Säkerhetsklass Rensningspolicy Kommentar

Donationsregister Drive Ge kvitto och tacka för donationer, informera om kommande insamlingar, rapportering till myndigheter samt sammanställning av årlig statistik. Intresseavvägning för vårt berättigade intresse att vårda donatorer och analysera donationstrender. 2 Rensas efter 2 år. Information om den finansiella transaktionen vilken krävs för bokföringssyfte rensas i enlighet med rutinen för Bokföring.