With one month to go until the introduction of the General Data Protection Regulation (GDPR) the focus for many is rightly the local elections. The team at LDHQ is still working hard and we recognize the importance of breaking down the legislation into smaller chunks. So we have developed a short, three-step process for handling data:
Download, Use, Delete.
We have been mentioning our new mantra recently in training and comms, but it would probably help if we took some time to explain in a bit more detail.
In short, we are trying to describe the ideal journey of data through your computer or personal files. To clarify, below we are talking about Lib Dem data exported from systems on the soon to be released Approved Supplier list.
Download
All information we use should be coming from a limited number of sources. For example: Salesforce for members, Connect for canvassing and Nationbuilder, Prater Raines or other approved platforms for online email sign-ups.
All of the above provide safe storage for data at rest, which from a data security standpoint is important.
Before downloading anything make sure that you have identified opt-outs and unsubscribes. It may sound a bit simplistic but it’s hugely important to do so.
Use
When using information, there are a few things you need to keep in mind. Firstly, where did it come from and why was it collected. Data should only be used in accordance with the reason specified when first collected. We must respect where we have only gained consent to contact a person about a named campaign.
Secondly, think about who will be seeing the raw data, and whether you absolutely need to share it. For example, a printer obviously needs to see a list of names and addresses to produce a targeted mailing. However, the supporter delivering the same mailing not so much.