GDPR Compliance

Guidelines in the matter of GDPR 2016/679/EU

The New Regulation on Protection of Personal Data (GDPR 2016/679/EU) is applied to all individual persons, enterprises and organizations, who collect personal data in accordance with their statutory purposes; the collection must comply with the above regulation. The date of effect is 25th of May 2018.

Individuals, as consumers, citizens, customers, employees, etc., need to have the means to exercise their right to privacy and protect themselves and their personal information from abuse of any kind.

Data protection is commonly defined as the law designed to protect your personal data, which is collected, managed, processed and stored by computerized or ‘automated’ means or intended to be part of a manual ling system.

The development and implementation of a comprehensive data protection governance program demonstrates organizational accountability for and commitment to the protection of individual privacy.

The new European regulation sets out heavy fines for those who do not comply it.

As Organization, what we have to do?

• Step 1
  As European Organization, we must complete the initial part of this Regulation, which consists of the analysis of our needs for the compliance. In this sense, as you know, as BPW Europe, we have many levels of membership:

  1) Regional Coordinator and European Coordination Committee
  2) Presidents of National Federations
  3) Presidents of Federation’s Clubs
  4) Presidents of Affiliated Clubs
  5) Members (senior and young)

In accordance to the GDPR 2016/679/EU, we are obliged to acquire the consent of all our members to the processing of personal data. Despite, for this content, the written form is not required, it is prudent to obtain this written form, because, in case of conflict, the Organization must demonstrate to have acquired the consent someway, and this is not easy.

Business Professional Women (BPW Europe aisbl) Rue Defacqz, 109· 1060 Brussels · Belgium EU Transparency Register: 836392015840-91 www.bpw-europe.org

BPW INTERNATIONAL
Business & Professional Women BPW Europe

In any case, the written form is required for the sensitive data such as sex.

• Step 2
  The Regulation provides, in bodies with employees and with a great number of data, that the data collection may be entrusted to external people but our Organization is divided into many small individual realities, with own responsibility; so to involve external people is not necessary. Therefore:

• • As Regional Coordinator, I will ask and I will collect the consents and the concerning data of the European Coordination Committee members, of the National Federations Presidents and of the Affiliated Clubs Presidents.

  • The Presidents of each Federation, will ask and will collect the consents and the concerning data of the Presidents of their Clubs
    Annex Form 1

  • The Presidents of each Club, at local level, , will ask and will collect the consents and the concerning data of each member of their Club
    Annex Form 2

  • The Presidents of each Affiliated Clubs, will ask and will collect the consents and the concerning data of each member of their Club
    Annex Form 3

Each responsible, as indicated above, has to register the data collected in a list. We have to protect this list in a dedicated folder on the Computer.

Please find in attached the letters and the forms to send to the Presidents and Members.

• Step 3

   

  Waiting for more indication about this issue from the European or National Institutions, we have: 

  • to save and protect all these data in a dedicated folder in our computer ;
  • to protect our computer too, by a password to make the data inaccessible to extraneous people.

• Step 4
  We have to collect in a dedicate folder on our computer the New Regulation on Protection of Personal Data but also other national laws in the privacy matter; we have to respect them if they are still valid.
• Step 5
  If we will transmit the data of our members to other countries outside European Union, we will have the obligation to check if there is a relevant legislation in this country respecting Personal Data and make all the necessary recommendations to the receiver of the data about the protection.
• Step 6
  All Presidents should also review the contracts that they have signed with their providers, mentioning the attention to the data, that they (the providers) must be complied as well.

As Regional Coordinator of BPW Europe, I will give you further instructions in this matter, if the European Institutions will give us.

Pinella Bombaci
Executive BPW International Regional Coordinator (2017-2020)

BPW Europe

Business Professional Women (BPW EC aisbl)
EU Transparency Register: 836392015840-91