Above, in the first item, we clarified that Brigada doesn’t keep anyone’s information — at all. We use MailChimp as an outsourced service. Since MailChimp is the one collecting your information, we believe it is therefore MailChimp’s responsibility to comply with GDPR guidance. However, just to be sure, we started today’s edition with the item you saw up in position #1. From what you are learning, is that sufficient? What sites, beside the general introductory portal…
have been helpful to you? Do you think the EU could actually take someone else to court in another country to enforce its new law? What international court would hear such a case? Thanks in advance for using the web version or the app version of this item to give us your opinion.
You are the controller, Mailchimp is the processor. So you are responsible as an organisation, too. Look at the EU sites itself as a source of authority, as there are also many other sites offiering their services. https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en
I’m afraid you’ll have to do your homework for the controller part, while Mailchimp does theirs for the processor part. And that also applies for your website
Have you run the tools in MailChimp to get your account GDPR compliant? It took me a while to go through and set up everything on mine. Start at: https://mailchimp.com/help/collect-consent-with-gdpr-forms/?_ga=2.97170588.223563486.1529670502-637293727.1520246491
Also, there are things you need to have on your website (see the checklist on the bottom half of this page: https://sixtwo.tech/service/how-to-get-your-website-gdpr-compliant/) FYI, I checked the Brigada page and it does use cookies: http://www.cookie-checker.com/check-cookies.php?url=brigada.org, so you are required to have an explicit statement re: cookies that people check a box to agree to. I don’t know what site builder you use, but it may have some helps for getting compliant. WordPress has tools for WP sites.
Make sure you make necessary changes to any comment forms on your website, any place where people donate, etc. I just noticed this “Leave a Reply” form has the option to save name, email and website…that means you all are storing people’s data, so you need to check regulations for keeping that secure (SSL?) and how people can request for it to be deleted later.
I don’t have all this figured out yet…but yes, it is serious, and yes, there are things that need to be taken care of to be compliant.