Hi there and welcome to the 1.3 release of TeamKinetic. We’ve got some great new time saving features this time round, the normal raft of small fixes and tweaks and a large dollop of accessibility improvement as we journey towards a fully accessible system for all users.
Headline Updates
Full screen layout for administrators and providers. We’ve removed the logo header bar to give more room for what matters
Brand new dashboard for administrators and providers
Universal search across volunteers, opportunities and providers is available right from the top menu on all pages
New mapping library which produces we think, better looking maps
Trusted status for providers
Upload your own custom areas for reporting and searching
Contextual help bar available anytime from the top menu
Keyboard accessible menus
Accessible forms
Accessible help tooltips
Accessibility layout improvements
Front page slider image controls improved
New application options
New POD functionality
Pause or end participation in a flexible opportunity without leaving the opportunity and losing hours.
New Dashboard
We’ve completely redesigned the dashboard for administrators and providers and it is now very much focused around helping you to get the tasks you need to do, done!
New administrator dashboard
Authorisations, latest chatter messages, logged hours since your last visit and lots more are displayed right there everytime you login. We’ve added some insight into your programme, like who is logging hours, which opportunities or providers are performing badly and suggested tasks to keep on top.
We think this new dashboard will be a real time saver.
Universal Search
From the top menu bar you now have access to a number of new areas including the universal search. It’s a stripped down lookup service that will find matching volunteers, opportunities and providers.
Universal search and lookup
Its obviously not as fully featured as the specific search pages for volunteers, opportunities and providers, but its fantastic for navigating quickly between different things. It also gives you a little visual clue as to the status of each entity, red for access denied when a volunteer, unauthorised when a provider and closed when an opportunity and green for access granted, authorised and open respectively.
New Mapping Service
We are switching to Open Streetmap for our mapping service. This is a fantastic open sourced effort to map the world without the propriety nature and vagaries of being in the Google ecosystem. It also has we think more natural looking maps.
Open StreetMap
Contextual Help
We have built a foundation for us to enable contextual help on every page. This will be accessible from the help icon in the top menu and will reveal all the help topics and tutorials for the page you are currently using. Both administrators and providers have access and we hope it will help new providers especially, get the most from TeamKinetic, and of course ask you less questions!
The slide out help menu available on every page
We are working hard to get help for as many pages as possible on launch but we’ll be adding them progressively and in response to questions that regularly arise. Let us know if there are any topics you’d like to see in the help menus to aid your users.
Accessibility
I’ve already blogged about the accessibility improvements we have coming in this release. This has been a really rewarding process and I’m looking forward to some feedback for how we can keep improving in this area. Most of the effort has been concentrated in the volunteer’s portal but there have been improvements throughout.
New Administrator Controls
Include the volunteer stats in the weekly email. We had some reports that volunteers that were interested in volunteering but hadn’t yet taken the plunge, we’re getting discouraged seeing zero stats every week!
Overlapping session booking option. Using this you can control if volunteers can join sessions which overlap or conflict. We are working on providing a further control to determine how close the sessions need to be in order to initiate the conflict. Volunteers are informed if they attempt to join sessions which overlap, on either the same or different opportunities. By default volunteers are not allowed to join overlapping sessions.
Require volunteers to upload a photo before they can join any opportunities.
Display nationally shared opportunities on your version of the native mobile applications. When enabled users will also be able to view and join nationally shared opportunities direct from their applications.
Ending Flexible Opportunity Attendance
For very long running flexible opportunities its useful to know if volunteers are finished. Previously this was only really possible by asking the volunteer to leave the opportunity but that meant there was now a hole in the audit trail and information for that opportunity.
Volunteers can now click a button when logging hours to say they won’t be logging any more hours and have effectively left the opportunity.
Volunteers can now say they have finished with a flexible opportunity
The same functionality is also available for administrators from the volunteer list on the opportunity management page. Just click the pause icon to flip the volunteer to the finished state and the play icon to flip the back. The volunteers that have finished are separated from the still active ones so you can easily keep track of your flexible volunteers.
Admin display separating finished and active volunteers on flexible opportunities
Launch Date
We’ve processed close to 200 issues for this release and there are many small improvements and bug fixes throughout the application and we are excited to be releasing 1.3 on March 31st.
This December, TeamKinetic has an early Christmas present for our customers. We will be releasing one of our largest ever update with some significant improvements and extra functionality across the board. Below are the biggest changes.
Session Names
Use of “Google places” to search and create opportunity locations
Complete re-write of the opportunity apply process
Custom Open-badge awards
Lots more customisation options
Our POD system for enterprise clients
Day schedule report available for everyone
Invite new volunteers via email (for providers and admins)
New search and download options for criminal checks
All transaction emails sent via Mandrill for improved deliverability
As well as the raft of 150 or so bug fixes, minor improvements and speed gains.
We will be sending a notification to all our customers pointing you to this blog and also to encourage you to login to the beta site (using your normal login details) and give some feedback on the new features.
Your feedback is essential. We take your feedback seriously and it helps us understand your needs and issues. You also help us spot potential bugs and operational considerations that we may not have considered for this update. We take every care to test the application before we update the code but we don’t always have a test that fully represents your exact usage, so we ask you to login to the beta site and try it out for yourself.
If you do find any issues or would like to raise some concerns, you can send feedback using any of the following ways.
Complete a support ticket in the HELP menu.
Send us an email and put in the subject line “BETA SITE”
Call us here at the office on 0161 914 5757 and press option 1 and talk to Support Team.
If you have not done it yet, join our Facebook ADMIN group and send us a message.
Send us a Tweet telling us what you think of the new features.
Named Sessions
When creating or editing opportunities you are now able to name sessions. This is great if you have an opportunity that might have sessions on at the same time, say water stations along a marathon route. Using this new feature you could have 5 sessions within the one opportunity, all at the same time but identify them as, Station 1 – at 5Km, Station 2 – at 15 Km and so on.
New and Improved Search
Many of you will have already tried out the new search at various points along its beta testing. We have been able to incorporate much of your suggestions and it should now be much easier for volunteers to find opportunities.
You can now enter a place name in the location field and not just a postcode, this lookup is powered by Google Places which have over 2 million defined areas and places. This is a great improvement as its now possible to perform a search like; show me opps within 2 miles of Liverpool, or Bristol University and so on.
There are extra filters like accessible and expenses paid and the sorting algorithm has been improved. If a search is entered the results are automatically ordered by relevance and those opportunities with the search terms appearing closest together will be at the top.
The new search also prevents empty searches resulting in hundreds of unfiltered opportunities being returned. For those of you lucky enough to have hundreds of available opportunities a user will be asked to enter at least a distance or a search string in order to limit the number of search results.
New Opportunity Applying Process
The applying process for opportunities has now been improved greatly. When an opportunity is marked as APPLYING, volunteers will be able to view the opportunity and its sessions but will not be able to join any sessions. Instead, they are asked to “apply”. At this point, any pre-requisites demanded by the opportunity are completed and then they are passed to an “New Applicant list”.
The applicants for the opportunity are visible on the opportunity management page for the admins/providers. From there you can view their details and pre-requisites and decide whether to approve or deny the application.
Approved volunteers are informed and are then able to join sessions as normal. Denied volunteers are also informed but are not able to join sessions or reapply as they remain in the applicant table as unsuccessful.
Open-badge Awards
You can now create your own badge awards to give to volunteers. These are designed around the OpenBadges system and volunteers will be able to store these badges in their own external badge backpack and use them anywhere where OpenBadges are accepted.
OpenBadges are a great way to reward volunteers in a way that enables them to build a recognisable portfolio of achievements that they can use to develop their skills everywhere.
Once a badge has been ‘baked’ into their backpack they can choose where and with whom to share that achievement.
In this first iteration, you can only award badges manually using the volunteer profile. We are looking at the possibility of creating automated awards based on a number of criteria; hours, opportunities, length of service etc. We would love to hear your ideas about the kind of badges you might like to have?
We have opened up more of the system for much greater customisation by the super admins.
Using the super admin menu you are now able to customise all “registration form labels”, “help titles” and “help content” right from the SETTINGS menu.
Fancy a new front page look? Then check out the new LOOK & FEEL menu and enter your own HTML code for the front page and get a quick preview before saving and making live.
For power users, there is a CSS section where you can change the entire site style if you want. You can target home page elements, links, containers and change margins, colours and anything else you want. The custom CSS file is loaded after all defaults so you can override any existing settings.
If you would like your site to be updated but don’t have the skillset to do it, in-house, drop us a line and one of the team will get in touch to talk through your ideas and potential costs.
POD System
Enterprise clients can now choose a new type of application structure that we call PODs. This enables you to split up the administration of providers and opportunities into PODs and assign administrators to those PODs.
POD administrators only have access to the providers in their POD and the opportunities they have created.
Each POD also has an editable mini homepage that the POD admins can create to advertise their own opportunities.
It’s a great way to enable separate departments within a larger organisation some autonomy whilst keeping all your opportunities in one place for your volunteers. If you think the POD might be something you and your organisation would like to know about then get in touch with our sales team on 0161 914 5757 and they can talk you through the options.
Day Schedule Report
The day schedule report is available from the REPORTS menu and offers a quick insight into the activity on any day across all opportunities and events.
Simply pick your time period and the report will return all sessions that are happening within that period, including the volunteers on each session and stats about that session. You can also check in volunteers right from this screen which will log their hours for that session.
Its a super easy way to keep track of what’s going on over the days and weeks ahead.
Invite Volunteers via Email
Invite your existing volunteers via their email address. Just paste a list of comma separated emails or upload a CSV to send out an invite email with a link to reigster on your system. Maintains a list of all invited volunteers and lets you know if they have registered yet. Providers can also upload their own separate lists and if volunteers join via the Linking address in the email, they will automatically be linked to the provider sending the invite.
For administrators you can find it in the SETUP section of the settings menu. For providers it is in the VOLUNTEER menu.
Search and Download Expiring Criminal Checklists
Search for volunteers with expiring criminal checks and also for those criminal check applications that are overdue and download the results.
An enforced maximum validity for a criminal check has been added to your application options screen. Whenever a criminal check is added this date represents the maximum allowable time before the check expires. If an expiry date is entered which is beyond this date it will be reduced to the maximum allowable period.
This ensures that all criminal checks on the system have an expiry date and the new search page makes it easy to find expiring checks and get prepared.
All Transaction Emails Sent via Mandrill
All our transaction emails, that is emails that are sent automatically in response to an action like joining an opportunity, are now sent via Mandrill. Mandrill is one of the largest transactional email platforms, sending billions of messages a month.
This move will aid deliverability and reduce false spam alerts.
I thought it was time to codify our release protocol, it has changed a bit over the years but is now pretty consistent so I thought I would share it.
We have a target of two major releases a year and two more interim releases between those. We aim to have a major release point in Q1 and then a further major release point in Q3 with an interim release point in Q2 and Q4.
Interim Releases
Interim releases usually consist of non-urgent bug fixes, small interface upgrades and corrections and not new functionality. Major release points will potentially have new functionality and new UI/UX layouts, and perhaps entirely new sections and methodology.
Interim releases will have a cut-off date for new tasks approximately 4 weeks before release date. This gives us four weeks to complete all the outstanding tasks then enter the testing phase and the subsequent iterations. A week before release we will produce some communications if we think there are changes that will impact our users or alter their workflows. We will offer all our users a chance to try out the release via our beta application. We will attempt to incorporate any minor feedback before the release date, or push back the release date by a maximum of 14 days in order to address the feedback correctly. If any major issues or feedback is received we may decide to draw back from the release, work on the new changes and rollup the interim release into the next major release.
Interim Release Schedule
Weeks 0-8
During this period we will collect and collate all bug reports and new feature requests and decide which are to be included in the interim release.
Work will begin immediately on making the required changes and updates to the beta version.
Week 8
No more new bug fixes or changes are accepted for this release (emergency bugs are handled differently and fall outside the scope of planned upgrades).
Weeks 8-10
Work continues on completing tasks and testing
Week 10
Comms are sent and customers are invited to use the beta site and feedback with their experience and questions.
Week 11
Any feedback is incorporated and tested it possible
Week 12
Any tasks that have not been possible to complete are moved to the next release
Final comms are produced if necessary and the release is scheduled for the end of the 12th week.
Major Releases
Major releases are similar but the cut off date for new functionality is quicker as it will take longer to design, build and test fully. The cut off date is increased from 4 weeks before release to 8 weeks before release. This to allow for a longer period of testing by ourselves and the customers in order to enable us to capture and act on more feedback on potentially large changes.
Major Release Schedule
Weeks 0-8
During this period we will collect and collate all bug reports and new feature requests and decide which are to be included in this release. This will usually entail at least one major change.
Week 8
No more new bug fixes or changes are accepted for this release (emergency bugs are handled differently and fall outside the scope of planned upgrades).
Weeks 8-16
Work continues on completing tasks and testing
Week 16
Comms are sent and customers are invited to use the beta site and feedback with their experience and questions.
Weeks 16-20
Any feedback is incorporated and tested it possible
Weeks 20-24
Any tasks that have not been possible to complete are moved to the next release
Final comms and support material is completed and distributed and the release is scheduled for the end of the 24th week.
Normally we would expect to add a higher volume of small changes to the interim releases and less, but more impactful changes to the major release.
This schedule can not always be followed and it may be necessary to only have one major release in a year and on occassion there are only interim releases as no major new functionality has been added.
Releases are numbered using the regular convention;
1.2.3
^ ^ ^
| | |————— Minor revisions, spelling corrections etc
| |—————– Minor function changes or additions etc
|——————- Major function changes, UX/UI changes etc
An interim release would increment the last or second digit, a major release would increment the second or first digit. At the time of writing we were on TK v1.0.1 (after a major change from our old releases it was decided to reset the version numbers to 1.0.0). Our next release is scheduled for August and will be v1.1.0.
Admins can now register volunteers directly from their admin menu by going to VOLUNTEER MANAGEMENT > CREATE VOLUNTEER.
Create a volunteer without an email address
The admins ‘Create Volunteer’ registration page differs from the standard registration page as it allows you to create a volunteer without an email address or password. The volunteer cannot log in, so the administrator would be responsible for joining and logging hours for the volunteers account, but this negates the need to make up dummy email addresses and passwords.
If a volunteer does not have an email address, then this is shown on all pages where you can send an email to the volunteer, so you know which volunteers you will need to telephone, rather than email.
Special Requirements Status
Admins and providers can now see very easily if a volunteer requires additional support on an opportunity by the new Special Requirements icons. This helps notify the provider that they need to look at the volunteer’s details and make sure they can accommodate their individual needs.
Custom Volunteer Profile Fields
Are you fed up of using the admin notes section to record information on volunteers? Well, admins can now add custom fields to volunteers that DO NOT appear in the registration page.
This means that you can capture any information on a volunteer including:
If they have attended an internal course
Any additional information you capture during an induction
If they have completed a particular process
If they have attended an induction meeting
These custom fields are displayed in the volunteer’s profile, and you can stipulate who can see the information (volunteer, provider or just administrators)
Volunteer photos on Find Volunteers page
You can now see the volunteers photo next to their names by going to VOLUNTEER MANAGEMENT > FIND VOLUNTEERS and clicking the SEARCH button.
TeamLeaders
There is often a trusty volunteer who is on the ground and is in a much better position than the provider to help volunteers and to know which volunteers have turned up. These users can now be marked as “TeamLeaders” giving them the ability to mark whether other volunteers have attended the opportunity, which also logs the provider hours on the opportunity. You can specify the number of TeamLeaders you want per session which is independent of the number you set for volunteers.
TeamLeaders have no effect on Flexible opportunities as the checking in process is not relevant.
TeamLeaders are not currently supported on the iOS and Android apps, if you have TeamLeaders enabled users will not be prompted to try the app till TeamLeaeder functionality is included.
Following and Favourites
We have added the ability for volunteers to follow providers and opportunity categories that they like or are particularly interested in.
Once followed, whenever a new opportunity is added by their favourite providers or in their favourite categories they will receive an email with the details so they can jump in quick.
Weekly Email
The weekly email volunteers receive that summarises what’s going on in the following week has been radically overhauled. It is now far nicer to look at and includes details of any events that are going on that week, any new opportunities that have been added since the last email, and any opportunities that have sessions in the coming week. Additionally, any sessions the volunteer has joined for the upcoming week are listed.
This email goes out every Friday evening at 6:30 pm(GMT) to all those volunteers that have opted in to receiving emails and also to all those volunteers that have sessions in the coming week.
Below is an example from Queen Elizabeth Park, each email will carry the colours and branding of your site and contain your most relevant content.
You can switch the weekly email off from your super admin settings page at SETTINGS > APPLICATION OPTIONS > EVERYTHING ELSE
As always we love your feedback on these types of changes, so let us know what you think by emailing us here
Session Calendar
The session calendar now excludes sessions where the maximum number of volunteers has already been reached. In addition, any sessions in the past, that have not already been joined, do not have an active link.
This gives us a faster calendar and we prioritise sessions that are still available to join leading to a less frustrating experience for the user.
Volunteer Session Display
We’ve added a handy session view to the volunteer details page. Previously you could see the opportunities a volunteer was on and then drill down to the sessions, which was fine for most of our users.
Some users are however much more focused on sessions rather than opportunities and it was a drag having to find the opp and then the sessions. This new view available from the sessions tab on the volunteer info page lists all sessions from 6 months ago (we will be adding new searching and filtering in future releases). Any that are in the past can be quickly checked in and the hours logged. Its a great way to spot sessions where the provider has yet to log the volunteers hours.
Mobile App Prompt
We will now be giving users the chance to download our mobile companion apps from the login screen. If a volunteer accesses the login screen using an iOS or Android device they will be prompted to open the app store and download the app.
Please note that TeamLeaders are not yet supported in the mobile app.
Custom Provider Profile Questions
As for volunteers, you can now also add your own custom questions to a provider profile to store specific information you might require against each provider.
You can add these from the same place as registration custom questions in SETTINGS > CUSTOM QUESTIONS from the super admin menu.
These questions are private and not viewable or editable by the providers.
Email History
Providers can now view their email history from ACCOUNT DETAILS > EMAIL LOG. This includes emails they have sent and those they have received from the system, like opportunity joining notifications.
Admins can also see any providers email log via the providers profile page. The volunteer email log has been available since the last update.
Opportunities
More Opportunity Location Types
When creating opportunities you can now specify if the opportunity ‘covers an area’ (e.g. posting leaflets or visiting the elderly). This shows as a large circle on the map and also allows you to describe the area (e.g. North San Francisco)
You can also mark an opportunity location as ‘volunteer from home’.
Both types of new opportunity locations are available as filters, which brings us to…
New Search Filter
Volunteers can instantly filter their search results in a more user-friendly way with the addition of filters along the left side of the search results. Here you can limit the search to a particular category, opportunity type or tag etc.
Better Search Matching
We have included the ability to search for names and words with apostrophes that will match whether the apostrophe is there or not, so St David’s will match St David’s and St Davids.
Conflict Checking
Volunteers will no longer be able to join sessions that overlap in time. If they try, they will receive an alert letting them know they can’t join the session because it conflicts with an existing one.
Route Calculation
Volunteers can now calculate a route from their home location to the opportunity by car, public transport or cycle. This is accessible from the opportunity details page before they join an opportunity and from the opportunity management page location tab, if they have already joined.
Session Confirmation
Previously we only sent the session confirmation email, which consists of a summary of the sessions joined for the opportunity, the first time a user joins an opportunity per user session. This method was used to reduce the number of emails a volunteer receives immediately after joining multiple sessions. This however proved to confuse the users who were suspicious of what the screen was showing them if they did not receive a confirmation email.
The confirmation email is now sent every time they join a session regardless. We would be interested to hear your thoughts on how you think this may impact the volunteer and if you have any feedback we would love to hear it.
Reports
Day Schedule report
Have you ever come in on a Monday morning and wondered what volunteering activity is happening that week. The latest update includes a report which shows you exactly what opportunity sessions are happening that day, week, or on an opportunity or event.
The new ‘Day Schedule’report allows you to view a list of all sessions that are taking place on a particular day (or range of days) by going to REPORTING > REPORTS & ANALYSIS then click on the OPPORTUNITIES tab and scroll to the bottom of the page.
These also contain the list of TeamLeaders currently on the session and it also allows you to flip a volunteer from a regular to TeamLeader roles.
Opportunity Tags report
You can now see how many opportunities are tagged with a specific word, and how many hours have been logged against it. To access this report go to: Reporting > Reports & Analysis > Opportunities from side menu then scroll down the page.
Orbit Summary Reports
For those of you in an Orbit network, you can now search across the entire Orbit for volunteers, providers and opportunities. You can quickly find out what Orbit member a resource belongs to, and some useful information about each resource.
This is available from its own menu entry ORBIT SUMMARY. This will only be visible for administrators of Orbit systems.
References
Complete references yourself
If you like all your volunteers to have a reference before they join any opportunities, then this update will certainly be of interest.
Admins can now complete references themselves, or they can manually send a reference form to a referee. This allows you to hold references against volunteers before they have even joined an opportunity.
We have also added the ability to re-submit a reference to the original referee.
We welcome your thoughts and your feedback on these changes if you wish to share them with us just drop me a quick email.
We would love to see you all at our conference this year, where we can talk about the future developments in TeamKinetic in much greater detail. If you have not claimed your free ticket yet, then head to your application or call us in the office on 0161 914 5757 and we will get you booked on.
TeamKinetic are proud to announce we are now mobile! With the release of an iOS and Android App, volunteering has never been more accessible and easier.
Following our last annual volunteering conference, the demand to create a mobile app for volunteers has been high and at the forefront of our road map for development. Following some careful consideration TeamKinetic have developed the App and we are pleased to announce it is now available in the iTunes Store and Google Play.
To use the app, volunteers need to have previously registered online with an organisation’s volunteer website portal before being able to sign on. Registered volunteers are then able to search for opportunities from all providers that advertise on or use a TeamKinetic System via the app.
In a simple four step process volunteers can search for opportunities, log hours, leave feedback and edit personal details and much more:
Register online via provider website (i.e MCRVIP)
Download TeamKinetic App
Sign In using login credentials
Search and join volunteer opportunities
For those of you interested, we continue to explain the process and factors considered for designing the app below.
Why is the app not specific to an organisation?
It is technically very difficult to brand an application. It is not possible for us to upload a variant of the native application for every organisation. We have settled for a system wide app that will include branding details of the volunteers home organisation once they have logged in.
What is the best feature/s on the app?
Both the Android and iOS apps contain super convenient notification systems that alert a volunteer to any upcoming sessions right in their phones notification panel. These work whether the device as internet connectivity or not.
Why do volunteers need to have previously registered online before using the system?
Our existing customers were nervous that users that find the app before registering with their local volunteering organisation would never realise the full potential of their local volunteer network, only being exposed to shared opportunities. For this reason, we decided that the application would be a companion app for existing users.
Any additional questions and answers you think may be relevant?
The app will be advertised to all users logging in through their home organisation when using a mobile device. In addition, we will be using regular notifications to let users know there is a mobile app available and adding a footnote to the weekly emails with download links.
We think that volunteers will find more opportunities and log more hours when they can search for opportunities whenever and wherever they are.
If you have any further questions or would like to find our more on TeamKinetic’s app or volunteer management software, please get in touch with one of our team.
You can find TeamKinetic on social media and listen to our podcast:
This document will continue to develop over time as we respond to more questions from our customer and users. Please feel free to subscribe to stay up to date.
1. Do we need to get renewed consent from every volunteer and provider?
We will be asking all volunteers and providers to review their consent settings for communications and the sharing of their data with volunteer opportunities. You can see this email here
Renewed consent and acceptance of the new EULA will be required when logging in.
We think the consent we have already obtained from volunteers and providers provides us sufficient cover under the ‘legitimate use’ to ensure we do not need to delete users accounts.
2. How long do you keep data after someone has unsubscribed or withdrawn consent?
Unsubscribed relates to email/SMS correspondence, and users are removed immediately from all mass communication and newsletter emails. They will still receive transactional emails specifically related to them and their volunteering. If a user withdraws consent or asks to be removed their volunteer data is immediately anonymised and their personal data is moved to a table only accessible by a system administrator. This moved data is stored for a further 7 days before being permanently removed. We do this to enable us to restore a volunteer profile deleted in error. Data in backups will disappear after our 30 day retention period. Data from backups is restorable but an hourly charge is levied.
3. What is your process if anyone exercises their right to be forgotten.
We will immediately start the removal process for any volunteer requesting to be forgotten or who asks to be removed. The data removal follows the same pattern as above in point 2.
4. How long would it take to delete their data entirely?
Volunteer data is made anonymous immediately. Personal data is immediately unavailable to volunteer administrators and providers. Data in backups will be removed after our 30 day retention period.
Data in backups is only accessible by our network administrators and not by any users at any level of our applications.
5. Do you have an archive of all the data we hold in the database?
All data is transactionally backed up daily and stored encrypted. Backups are maintained for 30 days.
6. Is the data anonymised at any point?
If a request for removal is received then volunteer data is immediately anonymised.
7. Is your data encrypted?
Password data is stored using a one-way hash using a randomised SALT with a length sufficient to prevent practical brute force or collision attacks.
All data at rest in backup or in transit is encrypted using a minimum 30 character length password.
8. Can the TeamKinetic privacy policy be found on the database by volunteers?
Registration number: ZA036104
Date registered: 14 January 2014
Registration expires: 13 January 2021
Data controller: TeamKinetic Ltd
Address:
Office 14 Parkway 2
Parkway Business Centre
Princess Road
Manchester
M14 7HR
12. Where do you explain to the volunteer that data is shared with other parties
Our email to all volunteers will reiterate that data is shared with providers and potentially external administrators where a volunteer opts to volunteer on an opportunity outside their application.
For all new volunteers, this consent is explicitly captured during the initial sign up process.
13. What fields can a provider see on a volunteer
Providers can see (but not edit);
Age
Contact phone number
Email address
Gender
Special requirements and disabilities (if the volunteer has chosen to share)
Criminal record check status
Unlocked custom registration fields
14. Can “Admin” users set some “Custom Fields” to be visible to “Providers” or not visible?
Our next release in June 2018 has enabled custom fields to be locked to admins only.
15. Can you make custom registration fields compulsory?
Yes, custom fields can be made compulsory.
16. How long do we store data on volunteer and providers?
TeamKinetic believe volunteering is a lifetime pursuit and as such see no reason to remove a volunteer profile on behalf of a volunteer due to inactivity.
We do believe it is important for a volunteer or provider to have the ability to remove themselves as and when they see fit
We appreciate that some organisations will not share our view, so we will provide a tool that will allow Admin users to search the database for inactive users based on Admin set criteria of time. This will provide a list of inactive volunteers the admin user will be able to remove from the system on mass.
17. Is there any further information of TeamKinetic and GDPR
Yes. We have a record of all Data Processors details and access to the data is maintain under strict regulation. We have detail records for the purpose of processing, descriptions of categories, detail data flow diagrams and full documentation of all third party data processors we work with. This is complemented by our policies on security, continuity and privacy.
19. Does TeamKinetic have a Sub-processor or level 2 processor change request process?
TeamKinetic shares very limited data with sub-processors and that data is anonymised. All sub-processes are legally bound by TeamKinetic to meet our data standard as outlined in schedule 6.
All customers are asked to review the schedule below. This will be sent in a separate email to all existing customers as an addendum to our current agreement and will require signing as soon as possible.
Schedule 6 Data Protection
1. Data Protection
1.1 For the purposes of this clause, the following definitions apply;
(i) ‘Data Controller’, ‘Data Processor’ and ‘process’ have the meanings given to them in the Data Protection Act 1998 and from May 2018 the General Data Protection Regulation 2016/679;
(ii) Service Users shall mean those who sign up to use the Services.
(iii) ‘Personal data breach’ has the meaning given to it in article 4(12) of the General Data Protection Regulation 2016/679;
(iv) ‘ Personal Data’ shall mean the personal data of the Service Users including their name, contact details, email, address, disability information, gender and employment or education experience.
(v) ‘Privacy Laws’ means the Data Protection Act 1998, Directive 95/46/EC, the General Data Protection Regulation 2016/679 qne the Privacy and Electronic Communications Regulations 2003; and
(vi) ‘Privacy notice’ means a notice providing individuals with information about the purpose for which and manner in which their personal data will be processed and the organisations that will be undertaking that processing.
1.2 With respect to the parties’ rights and obligations under this Contract, it is acknowledged and agreed that the Customer is the Data Controller and the Supplier is the Data Processor in relation to the Personal Data.
1.3 Where processing Personal Data on behalf of the Customer the Supplier agrees to;
(i) provide the Services in compliance with all relevant Privacy Laws;
(ii) not do anything (or permit anything to be done) which would put the Customer in breach of its obligations under Privacy Laws;
(iii) only process the Personal Data in accordance with the Customer’s instructions and only for the purpose of delivering the Services and not for any other purpose;
(iv) only process the Personal Data in such manner as is described in the Contract and, in any event, only process the Personal Data to the extent that is necessary to deliver the Services;
(v) implement and maintain the technological and organisational measures to protect the Personal Data against accidental or unlawful loss, alteration, destruction, or unauthorised disclosure, dissemination or access, or alteration;
(vi) not disclose or transfer the Personal Data to any third party (save where disclosure has been specifically authorised by the Customer under this Contract) and only provide access to the Personal Data to your personnel where such access is necessary for the provision of the Services
(vii) take reasonable steps to ensure the reliability of any of your personnel who have access to the Personal Data, ensure that those personnel are aware of their obligations set out in this clause 1 and have undergone adequate training in the care, use and protection of personal data in compliance with the Privacy Laws.
1.4 Upon the Customer’s request, the Supplier agrees to permit the Customer or its authorised agents to inspect the Supplier’s premises, data processing activities and systems, and/or have access to, and be provided with copies of any information (including without limitation the Personal Data) to enable the Customer to be satisfied the Supplier are complying with the obligations under this Schedule 6.
1.5 The Supplier must not sub-contract or assign any of its right or obligations under this Contract without the Customer’s prior written consent.
1.6 Where the Customer provides written consent to sub-contracting of the Services under clause 1.6, then the Supplier agrees to impose a binding legal obligation on their sub-contractor to comply with the obligations in this Schedule 6 where that subcontractor has access to, or will be otherwise processing, the Personal Data. For the avoidance of doubt, any such subcontract shall not relieve the Supplier of its obligation to comply fully with this Schedule 6 and the Supplier shall remain fully responsible and liable for ensuring full compliance with this Schedule 6 in all respects.
1.7 The Supplier will not transfer any Personal Data processed under or pursuant to this Agreement outside of the European Union without the Customer’s prior written authorisation. Where the Customer authorises the transfer of Personal Data outside of the European Union, the Supplier agrees to comply with any instructions the Customer may issue which are necessary to achieve compliance with the Privacy Laws.
1.8 The Supplier agrees to notify the Customer as soon as practical, and in any event within five working days, if the Supplier receives;
i. a request from an individual to access their Personal Data or to exercise the rights of individuals under Privacy Laws including the rights of rectification, restriction, blocking, data portability and/or erasure;
ii. a complaint relating to the processing of Personal Data under this Agreement;
iii. notification that an individual wishes to withdraw their consent, or otherwise objects, to the processing of their Personal Data under this Agreement; or
iv. any communication from the Information Commissioner or any regulatory authority in connection with the Personal Data.
1.9 The Supplier agrees to comply with our instruction regarding the response to and handling of a complaint, request, notification or communication described in clause 1.9 and provide such reasonable assistance to the Customer as is required to ensure that the Customer can comply with its obligations under the Privacy Laws.
1.10 The Supplier agrees to notify the Customer promptly, and within 24 hours, in the event of an actual or suspected personal data breach involving the Personal Data processed under this Agreement. The Supplier agrees to co-operate with the Customer fully to investigate such a breach by furnishing the Customer with information as may be reasonably required about the breach and the Supplier’s processing activities. The Supplier also agrees to comply with the Customer’s reasonable instructions regarding the management of and response to the breach and any steps necessary to prevent an equivalent breach in the future.
1.11 The Supplier agrees to comply with the Customer’s instructions as to the period for which the Personal Data shall be retained and regarding secure destruction or return of the data to the Customer following expiry of the Term.
1.12 The Supplier agree to indemnify and keep indemnified the Customer against all claims, demands, actions, proceedings, charges, costs and expenses (including legal costs and expenses) which may be brought against us in respect of or in any way arising out of or in connection with;
i. your breach of the obligations in this Schedule 6; or
ii. a claim that we are in breach of our obligations under the Privacy Laws as a result of any of your actions.
With so many new features and products in TeamKinetic 1.0 (TK1.0) we thought it would be best to invite you all to a series of master class sessions with Steve and the team. This new version has the potential to take your volunteer management to a new level.
Join us on Facebook to see our interactive demos and join in the conversation directly with Steve. As you know we love to talk through how and why we have made some of our changes. We also love to hear yours and your volunteers thoughts and feedback and this heavily informs our next versions.
These sessions are designed to be short and easy to follow, with loads of opportunity for you to ask questions.
References
Wednesday 25th April 13:30
TeamLeaders
Friday 27th April 13:30
Setting Maximum Sessions
Wednesday 2nd May 13:30
TeamKinetic Chatter – Opportunity Chat Rooms
Friday 4th May 13:30
Managing External Opportunities
Wednesday 8th May 13:30
Reporting Update
Friday 11th May 13:30
If you can’t make one of these sessions, don’t worry, we will be keeping the video on Facebook, as well as adding it to our YouTube channel and where appropriate putting them into the help documents.
Of course, you can always get in touch via the support tickets, email, phone or chat function. We want to know what you think, so please get in touch.
We look forward to seeing you this Wednesday for the first session
To find out more information on TeamKinetic, please feel free to get in contact with one of our Team by:
Email: james@teamkinetic.co.uk
Phone: 0161 914 5757
For over ten years TeamKinetic has been developing innovative technological solutions for third sector organisations. We pride ourselves on our volunteer-centric approach and intuitive design.
Volunteer Management Software that WORKS for Third Sector Organisations.
TeamKinetic is pleased to announce on Sunday, 22 April 2018, the latest update of our volunteer management software went live.Combining the Volunteer, Access and Club Kinetic into one singular application. TeamKinetic V 1.0 brings with it a host of new features and functionality, in this blog we look to explain specifically what they are:
Why TeamKinetic v 1.0?
We have now fully integrated Volunteer, Club and AccessKinetic and our old version numbering was based on our VolunteerKientic releases. So it’s time for a new beginning.
What should I look out for in this release?
This is a huge update with great additions to TeamKinetic’s functionality as well as under the hood changes to improve speed and reliability.
Look out for TeamLeaders, volunteer referencing, our new ‘Focus’ design, Android and iOS apps, more customisation and GDPR compliance.
Check out the new features on the demo site before they go live on your site
From here you can see the new layouts, features and improvements.
Data Protection and Security
GDPR changes
You can see a summary of the changes we have applied for GDPR here
Information Governance ToolKit
As part of our commitment to the highest standards of data protection and information governance, TeamKinetic has undergone extensive self-assessment and external assessment by the NHS Information Governance team.
Apps and mobile
iOS and Android
As the march to mobile’s dominance in how many people interact with digital technologies continues, TeamKinetic have been working hard to catch up with this trend and provide an effective user experience available across all mobile devices. We have created a single mobile app that all volunteers can access.
Version 1 of the iOS and Android App is now available for your volunteers from the Apple App store and the Google Play store. From your mobile device, you can access the app store and SEARCH “TeamKinetic” and you will be presented with our app to download for FREE.
Below you can see how this should look. The Apps are only accessible to your existing users. All new users must create an account via the website before they will be able to use the app. This is just for Volunteers at the moment, but still includes all the basic features you would expect including searching for opportunities and logging hours etc.
This is our first attempt in the mobile space so as always we welcome your feedback on your experience as we will look to improve this over the next 12 months.
We plan to prompt users to download the app when they log onto the site.
TeamKinetic now on Google Play and iOS APP Store.
Design and usability improvements
Volunteer opportunity management area
Making it easy for a volunteer to manage their opportunities continues to be of the greatest importance to our design process as this significantly influences the volunteer’s engagement with the site. We have looked to bring all elements of opportunity management into a single area so a volunteer can easily join/ leave sessions, leave feedback, log hours, see a map of the opportunity location and join the opportunity Chat.
Using the new focus layout, volunteers can quickly see the navigation and actionable areas of the page.
More customisable emails
It has long been our ambition to give you the ability to edit all emails that the system sends. Over the next few months, you will notice the editable ‘customise emails’ list will grow as we expand this function.
Combined viewing and editing volunteer profile page
Volunteer information is now neatly and logically situated on a side menu, allowing easy access to all their information. We have removed the EDIT button and instead made the fields editable directly from each page.
Combined viewing and editing opportunity page
We have replaced the opportunities green menu bar and replaced it with a slicker side menu, removing the need to scroll down endlessly to find what you are looking for.
Shorter improved menu for volunteers
In design, less is often much more. This is why we continue to strive to reduce clutter and simplify the volunteer experience. It has been our aim to have all key volunteer functions only one click away from the front page.
The Volunteer front page acts as a snapshot of everything that volunteer needs to know. This will continue to be a work in progress as we look to improve the user experience, but this is the largest overhaul to the volunteer pages since we started some 10 years ago. As always are keen to hear your feedback.
Full set of sharing icons for volunteers to share opportunity details to social media
Where possible we have tried to make it simple for volunteers and providers to share their opportunities via existing social media, leveraging their existing audience reach.
“If you want more volunteers you need to ask!” is the simple advice when it comes to volunteer recruitment. Building an audience for your opportunities using social media makes asking even easier.
Simplified volunteer qualification and document upload and review
Many opportunities require volunteers to hold specific certified skills or qualifications, these might be achieved through in-house training or awarded by an external body. We have simplified how a volunteer can record their qualifications and training.
We have also added the ability for Admin users to be able to add training and qualifications on behalf of volunteers and lock these documents so volunteers can not remove or alter them.
Each volunteer now has a single page where they can quickly review all relevant certification and training.
New Features
References
References…References…References!!! The bane of many volunteer managers lives. All that paper flowing around, and waiting for people to respond can be a nightmare.
TeamKinetic now offers a complete digital solution, allowing you to create your own custom reference forms which are automatically emailed out to referees. When the referee completes the form, they are automatically attached to the volunteer ready for you to review.
This mean no more referees getting bombarded with the same referee form, as they can be reused for other opportunities. You can also create higher level reference forms for more demanding opportunities, allowing you to customise your questions in relation to the role.
Say goodbye to references stuffed in filing cabinets and say hello to the digitisation of your entire volunteer reference system.
TeamLeaders
Teams of volunteers often have a leader, someone who has been volunteering for years, the ‘go to’ person when things go wrong. For many organisations this person is a very valuable asset to your volunteer programme, and often knows what is happening on the ground more than the administrator or the provider of the opportunity.
You can now mark these people as TeamLeaders within the system, giving them a superior status, and more importantly allowing them to confirm when volunteers have attended. This automatically logs the hours on behalf of the provider allowing a more accurate representation (in real time) of what is happening on each volunteer opportunity.
Maximum sessions per event
When an exciting event is added to your system there is often a rush by volunteers to get on the best opportunities, as many volunteers will be aware that they may not be accepted for every one they apply for, they often try and join many more than they can practically manage.
For this reason we have built a ‘Max Limit’ function into each event, allowing you to stipulate how many sessions each volunteer can join on a single event.
Map view when searching opportunities
Over the past few months we have had a number of requests to make it more simple to find opportunities based around a particular location. The addition of a map view whilst searching opportunities offers a very effective visual tool to help volunteers look for opportunities that are near them.
Opportunity chat rooms
Do your volunteers use facebook groups or WhatsApp to communicate amongst themselves? This can pose some potential risks to you and your organisation. To understand more about these risks read our article on the subject here. To mitigate the need to use external sites such as these we have added an “Opportunity” chat room. This is an area where volunteers can talk to other volunteers or the provider on an opportunity.
User safety is of paramount importance so we have equipped the chat room with language filters that limit the use of offensive language, as well as users having the ability to report offensive or inappropriate comments. Only volunteers on that particular opportunity can use these rooms, so access is strictly managed and people can be removed or blocked from commenting if they are not using the chat room in good faith.
Volunteers do not automatically share any personal data with each other in the chat unlike with other social media.
This function can be disabled for your application if you do not wish to use it, we want to improve the social side of volunteering in a safe setting and we saw this as an important first step.
Minimum notice for leaving a session
This particular feature has been under debate for a long time and has been asked for by a number of customers. As an administrator, you will now be able to set a minimum notice period that a volunteer must give if they intend to leave an opportunity.
For example, volunteers will not be able to leave an opportunity less than 48 hours before it takes place. Instead, if they attempt to do that they will be presented with a pop-up message on the screen that says if you wish to leave this opportunity “please contact the provider on Tel no…..” And the provider can remove the volunteer from the session, but the volunteer will be prevented from removing themselves.
Please be aware of the unintended consequence of enforcing this feature. Volunteers who can’t leave the sessions may just not turn up, and you may be unaware and under-resourced as a provider.
New sharing page for administrators to track what opportunities are being shared and from where
You can now see which systems are sharing opportunities on your search pages, and how many opportunities they are sharing. Ideal for when you want to find out information about a particular external opportunity.
Reporting
Additional reports and quick stats
We have compiled some new exciting statistics for you and revamped the reporting library. You can now see how a full breakdown of how many volunteers are engaged with the system including; How many have joined at least one opportunity, how many have joined and logged hours and how many have joined multiple sessions.
The reporting page is also broken down into sections by using a side menu, making it much easier to navigate. And it includes a handy DATE RANGE facility, allowing you to integrate particular periods of time.
Zooming capabilities on web analytics graph
The Web Analytics reports now include the ability to select a specific date range, allowing you to pin point particular time periods when you have done promotional drives or canvasing, so you can see in more detail what impact your work has had in regards to people using your system.
Identifying inactive volunteers
The following definitions have been developed to create better clarity
For some time, Admin users have been asking how they can easily identify the level of participation volunteers have with your volunteer programmes. To help simplify this process we have developed the following definitions to describe a volunteers level of participation:
A “Converted” is volunteers who have joined one or more opportunity sessions.
An “Active” is a volunteer that has attended and logged hours for one or more opportunity sessions.
A “Repeat” is a volunteer who has joined sessions on two or more opportunity sessions.
TeamKinetic hopes you are as excited about these changes as we are.
If you have any additional questions or would like to find out more, please feel free to get in touch with one of the team via email or phone us on 0161 914 5757.
Please note this list is comprehensive but not exhaustive.
If you haven’t started preparing your organisation for compliance then the next 3 months are crucial. If you have started getting ready for the GDPR deadline, keep going.
Make sure your board is bought in to the importance of the project. Having the support you need from the top is vital to the GDPR compliance process.
ONCE THE GDPR COMES INTO FORCE, YOUR BUSINESS MUST:*
Keep a record of data operations and activities and consider if you have the required data processing agreements in place
Carry out privacy impact assessments (PIAs) on products and systems
If applicable to your organisation, designate a data protection officer (DPO)
Review processes for the collection of personal data
Be aware of your duty to notify the relevant supervisory authority of a data breach
Implement “privacy by design” and “privacy by default” in the design of new products and assess whether existing products meet GDPR standards
What are TeamKinetic doing right now
See what we have already put in place, to be ready for 25th May 2018.
Are the rules different for electronic communications?
What is TeamKinetic doing right now?
Disclaimer: The information in this whitepaper is for your general guidance only and is not and shall not constitute legal advice. If you need advice on your rights or responsibilities or any legal advice around data protection matters, please obtain specific legal advice and contact an adviser or solicitor.
Let’s refresh…
What is the GDPR? The General Data Protection Regulation (GDPR) is a binding legislative act from the European Union for the protection of personal data. The Regulation tackles the inconsistent data protection laws currently existing throughout the EU’s member states and facilitates the secure, free-flow of data.
Why do you need to know about it?
As of April 2016, businesses have been preparing for the legislation coming into effect on 25th May 2018. Although we are in the process of leaving the EU, working towards GDPR compliance remains crucial.
If you fail to comply with the Regulation you could find yourself being fined up to 4% of your company’s global annual turnover and your reputation damaged beyond repair.
That is 4500% increase on current fines that can be issued by the ICO!!
Now that the deadline is just 3 months away, is your organisation ready?
Why has the GDPR come about?
There is a need in Europe and beyond for a standardised data protection framework that addresses the rapid technological advancements that have taken place in recent years, putting the personal data of the masses at risk.
Where do vulnerabilities lie?
Everywhere. All organisations are at risk of a cyber-attack, despite common misconceptions that some industries are more secure than others.
The results of a survey carried out by the Information Commissioner’s Office (ICO) of 173 councils at the end of 2016 reveals that more than 15% of councils do not have data protection training for employees processing personal data and a third do not carry out privacy impact assessments (PIAs) as required by the GDPR.
The survey’s release coincided with the news that the ICO had fined Norfolk Council £60,000 for a data breach in which social work files were discovered in a cabinet bought in a second-hand shop by a member of the public.
Capgemini: The Currency of Trust, February 2017
74% of UK SMEs had a security breach in 2016.
While leaving vulnerable information in a cabinet or on a train may seem like a problem from 1997 rather than 2017 – when cloud technology means physical files never need to leave the office – the overarching security challenge remains.
Professionals across the public and private sectors must be aware of the nature of the data they are accessing from their home networks and ensure they are doing so securely.
Computer Weekly: Many Councils Still Unprepared for GDPR, March 2017
What about Brexit?
Despite the vote to leave the EU, UK businesses must continue to work towards GDPR compliance. Not only has the UK government stated that it is good business practice to do so, but the legislation applies to all businesses working within the EU and with EU data. A failure to comply can lead to significant fines and irreparable damage to a company’s reputation.
The latest thinking is that the UK could replace the 1998 Data Protection Act (DPA) with legislation that mirrors the GDPR, enabling the UK to achieve free data flow with the EU post-Brexit. The government has warned that it may take two to three years for the European Council (EC) to decide that the UK has an adequate data protection regime.
While the impact of the Investigatory Powers Act on the UK’s GDPR compliance has yet to be fully understood, it is possible that the mass surveillance and data retention practices carried out under the Act could cause issues when the EC comes to decide whether the UK’s practices are adequate. The existence of these two extraordinarily contradictory legislations could result in a UK equivalent of the Privacy Shield agreement held between the US and the EU to facilitate secure transatlantic data flow.
If your business activities are contained within the UK or elsewhere within Europe, you will have to observe the protections afforded by the GDPR for citizens.
What happens if my business is not complaint?
The GDPR introduces a two-tier fine system that emphasises just how small a financial deterrent existed under the Data Protection Act (DPA).
As of the 2018 deadline, any data controller or processor that fails to comply with the Regulation will face the following fines:
Tier 1
If a data breach occurs that puts highly important data at risj, the data controller/processor will be fined upto €20M (£17.25M) or 4% of the previous year’s global annual turnover, whichever is greater.
Tier 2
Any other data breach could lead to fines of up to €10M (£8.6M) or 2% of the previous year’s global annual turnover, whichever is greater.
It is estimated that if breaches remain at the same level as in 2015, the fines given will raise 90 fold from €1.4 billion to €122 billion
Key changes to consent
Do you ask your customers for permission before you use their data? Do you go a step further and tell them what it will be used for? If the answer to either – or both – of these questions is no, you could be in trouble if you don’t start changing your ways before the GDPR deadline.
Why is consent important?
Consent enables your business to lawfully process data.
Organisations applying the GDPR’s standards are giving individuals greater control over their information and, in turn, building trusting relationships that ultimately keep customers coming back for more.
Any business found to be misusing personal data will be fined according to the highest level of the two-tier system and – most poignantly – is at serious risk of damaging its own reputation. When is consent required? You must have the data subject’s consent to lawfully process their data. However, just to confuse things, there are instances that will call for consent to be acquired via alternative methods; we’ll clarify this shortly. Consent is also needed under ePrivacy laws if you’re in the business of tracking communications and installing software and apps on devices.
If you want to use someone’s personal data they must give you explicit consent to do so. This means in practise no pre-ticked boxes, a user must always choose to tick the box.
If you want to use an individual’s personal data for multiple purposes, they must give consent for each purpose, separately
Who might need an alternative method of gaining consent?
Most commonly, data controllers in a position of power such as public authorities and employers who are likely to find getting valid consent challenging and so must consider the alternative options.
For example, if you are a highly successful eCommerce business is bringing on board a new supplier of garden furniture, you will need a contract with them that clarifies the role of each party and enables you to lawfully process their data.
Whether you are the data controller or processor, you must always record how consent was given, who from, when, how, and what the interested parties were told.
You must not bundle your consent request with your standard terms and conditions.
Does your consent process meet GDPR standards?
Carry out a thorough review of existing consent processes and asses whether they meet the Regulation’s requirements. if they do, there is no need to request consent from the subject again.
Key changes to breach notifications
Europe had a phenomenally inconsistent data protection landscape. It meant that when a Switzerland-based business suffered a data breach affecting people in Greece, Italy and Spain, the organisation would need to comply with the breach notification standards of each of the three member states.
This lack of uniformity throughout Europe means that while some member states, such as Spain and Germany, are recognised for their rigorous data breach privacy laws, there are also member states with minimal to no regulations in place.
In this environment, organisations in lax member states have not needed to notify an authority of a breach.
The GDPR smooths all this out with the introduction of a single breach notification requirement.
What is a personal data breach?
A personal data breach is not simply the loss of data but a breach of security, resulting in the destruction, loss, alteration, unauthorised disclosure of or access to personal data.
When must the relevant supervisory authority be notified?
The relevant supervisory authority must be informed of any data breach that puts an individual’s rights and freedoms at risk. This includes a loss of confidentiality and financial loss.
Data controllers must inform the supervisory authority without undue delay and within 72 hours of learning of a personal data breach. They must state:
Its nature
The approximate number of people affected
The contact information for the organisation’s DPO (if one has been appointed)
The controller must also pin-point the likely consequences of the breach and the measures taken to reduce further risk to those affected.
Data processors must tell the data controller about a data breach without undue delay after having become aware of it.
If a breach is significant enough that it is in the public interest, those responsible – be that the controller or processor – must do so without undue delay.
The impact of data breaches If we hark back to our real world TalkTalk and Yahoo examples, we can see that the severe consequences each company experienced following their respective breaches were related to how they handled the aftermath of the breach and not simply because the breach happened in the first place.
What should you be doing now?
A personal data breach is not just the loss of that data but a breach of security, resulting in the destruction, loss, alteration, unauthorised disclosure of or access to personal data.
Educate your employees about personal data breaches and how to spot when one has occurred.
Set-up an internal process for reporting a personal data breach.
Make sure you have the internal resources and processes in place to detect and investigate breaches. Speak to any third-party data processers if they are storing your data.
Put an incident response plan in place.
Are the rules different for electronic communications?
No, not really. The EU has introduced a complementary legal framework to the GDPR to clarify exactly what data controllers and processors must be doing to protect individuals’ communications; electronic or otherwise.
New cookies responsibilities for browser providers Users must be given the choice to consent to cookies as part of the browser software set-up. This should reduce or eliminate cookie banners on websites entirely.
Extra-territoriality and 4% fines The Regulation no longer applies solely to the EU. It applies to anyone in the world that provides publicly-available “electronic communications services” to acquire data from the devices of EU citizens. Any organisation that breaches the Regulation will be subject to the GDPR’s two-tier fine system. That means you should be paying attention even if your business is contained within the UK.
The Regulation application is expanded Unlike its predecessor, the ePrivacy Directive, the ePrivacy Regulation goes beyond the traditional telecommunications organisations and internet service providers. It incorporates messaging apps like WhatsApp, and email providers, amongst other communications suppliers such as Facebook and Snapchat.
New rules for processing communications data The Regulation introduces new rules for handling: what was said, who said it, where and when. This data is confidential; interfering with it could result in a Tier 1 fine.
Exemption analytics cookies Businesses are exempt from the cookie consent requirement when using firstparty analytics. However, using third-party analytics platforms such as Google Analytics requires user consent.
For the non-techy amongst you, ‘party’ refers to the website that places the cookie. So when you visit www.ukfast.co.uk, and you find the domain of the cookie placed on your computer is www.ukfast.co.uk, this is a first-party cookie. If you visit www.ukfast. co.uk and a cookie by a suspiciously dissimilar name appears, this cookie has been placed by a third party.
Like the GDPR, the ePrivacy Regulation will come in to effect on the 25th May 2018.
TeamKinetic is now a mature and fully featured volunteer management solution. As it has matured we have been able to more rigorously enforce a design principle for better impact across all user interfaces that we call Focus.
Focus is a collection of typography, grids, spacing, colour, layout and sizing rules that aim to achieve consistency of design, fluid layout for smaller screens and help to retain user focus on important tasks.
Volunteers, providers and administrators are presented with large amounts of information and we have been working hard to make this volume of information easy to digest in our Volunteer management application so the individual user focus is on the most pertinent information.
The biggest layout difference you will see is the support for a two-pane design with navigation elements in the left pane and the action area in the right pane. This layout also encourages the collection of tasks into one area, either functionally similar tasks or tasks commonly undertaken at the same time.
A two pane layout with a navigation bar on the left and the action panes on the right
Colours are restricted to a limited palette so that actionable areas like buttons, menus and links, are obvious and easy to find.
Font sizes are consistent and changes in font size are restricted to key text and headings.
Animation are used to indicated areas of focus when information is updated or the user enters a new area.
Panels are elevated when active using an animated shadow effect
Message and information areas are distinguished by a thick left border, the colour is contextual and can refer to the category, message type or other information.
Thick left borders indicated messages or important content areas
Where possible we want to avoid page refresh as this slows the users experience and can break their focus on the task at hand. Volunteers, Providers and Admin users all want to be able to undertake tasks with the need for a screen refresh. Extended use of AJAX , a method of performing user interactions immediately without reloading a new page, enables us to keep the user focused on their task without the interruption of a page refresh and the subsequent visual scan of the page to locate the last point of focus.
AJAX methods are employed extensively across the admin area, especially when editing opportunities or volunteer profiles.
Grids and spacing automatically adjust to screen size and allow navigation areas to collapse to icon only links and wide content to collapse into vertical stacks keeping readability high.
Collapsible elements retain readability and usability for small screens
We just wanted to let you know what’s behind some of the design decisions in the brand new TeamKinetic v1 release and our design intent going forward.
Please add any comments you have below, thanks, The Team.
