{"id":1822,"date":"2018-05-18T11:21:15","date_gmt":"2018-05-18T10:21:15","guid":{"rendered":"http:\/\/teamkinetic.co.uk\/blog\/?p=1822"},"modified":"2022-06-13T10:55:27","modified_gmt":"2022-06-13T09:55:27","slug":"gdpr-frequently-asked-questions-for-teamkinetic","status":"publish","type":"post","link":"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/","title":{"rendered":"GDPR Frequently Asked Questions for TeamKinetic"},"content":{"rendered":"<p>This document will continue to develop over time as we respond to more questions from our customer and users.\u00a0 Please feel free to subscribe to stay up to date.<\/p>\n<h3>1. Do we need to get renewed consent from every volunteer and provider?<\/h3>\n<p>We will be asking all volunteers and providers to review their consent settings for communications and the sharing of their data with volunteer opportunities. You can see this email <a href=\"https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/gdpr-email.htm\">here\u00a0<\/a><\/p>\n<p>Renewed consent and acceptance of the new EULA will be required when logging in.<\/p>\n<p>We think the consent we have already obtained from volunteers and providers provides us sufficient cover under the \u2018legitimate use\u2019 to ensure we do not need to delete users accounts.<\/p>\n<h3>2. How long do you keep data after someone has unsubscribed or withdrawn consent?<\/h3>\n<p>Unsubscribed relates to email\/SMS correspondence, and users are removed immediately from all mass communication and newsletter emails. They will still receive transactional emails specifically related to them and their volunteering. If a user withdraws consent or asks to be removed their volunteer data is immediately anonymised and their personal data is moved to a table only accessible by a system administrator. This moved data is stored for a further 7 days before being permanently removed. We do this to enable us to restore a volunteer profile deleted in error. Data in backups will disappear after our 30 day retention period. Data from backups is restorable but an hourly charge is levied.<\/p>\n<h3>3. What is your process if anyone exercises their right to be forgotten.<\/h3>\n<p>We will immediately start the removal process for any volunteer requesting to be forgotten or who asks to be removed. The data removal follows the same pattern as above in point 2.<\/p>\n<h3>4. How long would it take to delete their data entirely?<\/h3>\n<p>Volunteer data is made anonymous immediately. Personal data is immediately unavailable to volunteer administrators and providers. Data in backups will be removed after our 30 day retention period.<\/p>\n<p>Data in backups is only accessible by our network administrators and not by any users at any level of our applications.<\/p>\n<h3>5. Do you have an archive of all the data we hold in the database?<\/h3>\n<p>All data is transactionally backed up daily and stored encrypted. Backups are maintained for 30 days.<\/p>\n<h3>6. Is the data anonymised at any point?<\/h3>\n<p>If a request for removal is received then volunteer data is immediately anonymised.<\/p>\n<h3>7. Is your data encrypted?<\/h3>\n<p>Password data is stored using a one-way hash using a randomised SALT with a length sufficient to prevent practical brute force or collision attacks.<\/p>\n<p>All data at rest in backup or in transit is encrypted using a minimum 30 character length password.<\/p>\n<h3>8. Can the TeamKinetic privacy policy be found on the database by volunteers?<\/h3>\n<p>Yes. Our full terms and conditions and specifically our privacy policy can be found at <a href=\"https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/termsandconditions.htm#privacy.\">https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/termsandconditions.htm#privacy.<\/a><\/p>\n<h3>9. When were your terms and conditions and privacy policy last updated?<\/h3>\n<p>Attached to this post are links to:<\/p>\n<ul>\n<li>Our very latest End User License Agreement that was updated May 2018. We ask Volunteers and Providers to Acknowledge this new document when they logon. You can view it at; <a style=\"font-size: inherit;\" href=\"https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/termsandconditions.htm\">https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/termsandconditions.htm<\/a><\/li>\n<\/ul>\n<ul>\n<li>The email we will be sending to all user regarding their current communication settings that you can view at; <a style=\"font-size: inherit;\" href=\"https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/gdpr-email.htm\">https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/gdpr-email.htm<\/a><\/li>\n<\/ul>\n<ul>\n<li>And our new Privacy policy document was updated May 2018; you can view at; <a style=\"font-size: inherit;\" href=\"https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/termsandconditions.htm#privacy\">https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/termsandconditions.htm#privacy<\/a><\/li>\n<\/ul>\n<p>I have also included the new Schedule that I will be sending as an addendum to all customers to outline our responsibilities to you under GDPR.<\/p>\n<h3>10. Is the website hosted on UK based servers?<\/h3>\n<p>All our hosting servers are UK based.<\/p>\n<h3>11. Do you have an ICO certification number?<\/h3>\n<p>You can find our details at <a href=\"https:\/\/ico.org.uk\/ESDWebPages\/Entry\/ZA036104\">https:\/\/ico.org.uk\/ESDWebPages\/Entry\/ZA036104<\/a><\/p>\n<p>Registration number: ZA036104<br \/>\nDate registered: 14 January 2014<br \/>\nRegistration expires: 13 January 2021<br \/>\nData controller: TeamKinetic Ltd<br \/>\nAddress:<br \/>\nOffice 14 Parkway 2<br \/>\nParkway Business Centre<br \/>\nPrincess Road<br \/>\nManchester<br \/>\nM14 7HR<\/p>\n<h3>12. Where do you explain to the volunteer that data is shared with other parties<\/h3>\n<p>Our email to all volunteers will reiterate that data is shared with providers and potentially external administrators where a volunteer opts to volunteer on an opportunity outside their application.<\/p>\n<p>For all new volunteers, this consent is explicitly captured during the initial sign up process.<\/p>\n<h3>13. What fields can a provider see on a volunteer<\/h3>\n<p>Providers can see (but not edit);<br \/>\nAge<br \/>\nContact phone number<br \/>\nEmail address<br \/>\nGender<br \/>\nSpecial requirements and disabilities (if the volunteer has chosen to share)<br \/>\nCriminal record check status<br \/>\nUnlocked custom registration fields<\/p>\n<h3>14. Can \u201cAdmin\u201d users set some \u201cCustom Fields\u201d to be visible to \u201cProviders\u201d or not visible?<\/h3>\n<p>Our next release in June 2018 has enabled custom fields to be locked to admins only.<\/p>\n<h3>15. Can you make custom registration fields compulsory?<\/h3>\n<p>Yes, custom fields can be made compulsory.<\/p>\n<h3>16. How long do we store data on volunteer and providers?<\/h3>\n<p>TeamKinetic believe volunteering is a lifetime pursuit and as such see no reason to remove a volunteer profile on behalf of a volunteer due to inactivity.<\/p>\n<p>We do believe it is important for a volunteer or provider to have the ability to remove themselves as and when they see fit<\/p>\n<p>We appreciate that some organisations will not share our view, so we will provide a tool that will allow Admin users to search the database for inactive users based on Admin set criteria of time. This will provide a list of inactive volunteers the admin user will be able to remove from the system on mass.<\/p>\n<h3>17. Is there any further information of TeamKinetic and GDPR<\/h3>\n<p>You can read my last blog on this subject at <a href=\"https:\/\/teamkinetic.co.uk\/blog\/tag\/gdpr\/\">https:\/\/teamkinetic.co.uk\/blog\/tag\/gdpr\/<\/a><\/p>\n<p>And you can download our whitepaper on this subject at <a href=\"https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/are-you-ready-for-gdpr.pdf\">https:\/\/teamkinetic.co.uk\/vk\/shared_includes\/are-you-ready-for-gdpr.pdf<\/a><\/p>\n<h3>18. Do we maintain Data Processing Records<\/h3>\n<p>Yes. We have a record of all Data Processors details and access to the data is maintain under strict regulation. We have detail records for the purpose of processing, descriptions of categories, detail data flow diagrams and full documentation of all third party data processors we work with. This is complemented by our policies on security, continuity and privacy.<\/p>\n<h3>19. Does TeamKinetic have a Sub-processor or level 2 processor change request process?<\/h3>\n<p>TeamKinetic shares very limited data with sub-processors and that data is anonymised. All sub-processes are legally bound by TeamKinetic to meet our data standard as outlined in schedule 6.<\/p>\n<hr \/>\n<p>All customers are asked to review the schedule below. This will be sent in a separate email to all existing customers as an addendum to our current agreement and will require signing as soon as possible.<\/p>\n<p>Schedule 6 Data Protection<br \/>\n1. Data Protection<\/p>\n<p>1.1 For the purposes of this clause, the following definitions apply;<br \/>\n(i) \u2018Data Controller\u2019, \u2018Data Processor\u2019 and \u2018process\u2019 have the meanings given to them in the Data Protection Act 1998 and from May 2018 the General Data Protection Regulation 2016\/679;<br \/>\n(ii) Service Users shall mean those who sign up to use the Services.<br \/>\n(iii) \u2018Personal data breach\u2019 has the meaning given to it in article 4(12) of the General Data Protection Regulation 2016\/679;<br \/>\n(iv) \u2018 Personal Data\u2019 shall mean the personal data of the Service Users including their name, contact details, email, address, disability information, gender and employment or education experience.<br \/>\n(v) \u2018Privacy Laws\u2019 means the Data Protection Act 1998, Directive 95\/46\/EC, the General Data Protection Regulation 2016\/679 qne the Privacy and Electronic Communications Regulations 2003; and<br \/>\n(vi) \u2018Privacy notice\u2019 means a notice providing individuals with information about the purpose for which and manner in which their personal data will be processed and the organisations that will be undertaking that processing.<\/p>\n<p>1.2 With respect to the parties\u2019 rights and obligations under this Contract, it is acknowledged and agreed that the Customer is the Data Controller and the Supplier is the Data Processor in relation to the Personal Data.<\/p>\n<p>1.3 Where processing Personal Data on behalf of the Customer the Supplier agrees to;<br \/>\n(i) provide the Services in compliance with all relevant Privacy Laws;<\/p>\n<p>(ii) not do anything (or permit anything to be done) which would put the Customer in breach of its obligations under Privacy Laws;<\/p>\n<p>(iii) only process the Personal Data in accordance with the Customer\u2019s instructions and only for the purpose of delivering the Services and not for any other purpose;<\/p>\n<p>(iv) only process the Personal Data in such manner as is described in the Contract and, in any event, only process the Personal Data to the extent that is necessary to deliver the Services;<\/p>\n<p>(v) implement and maintain the technological and organisational measures to protect the Personal Data against accidental or unlawful loss, alteration, destruction, or unauthorised disclosure, dissemination or access, or alteration;<\/p>\n<p>(vi) not disclose or transfer the Personal Data to any third party (save where disclosure has been specifically authorised by the Customer under this Contract) and only provide access to the Personal Data to your personnel where such access is necessary for the provision of the Services<\/p>\n<p>(vii) take reasonable steps to ensure the reliability of any of your personnel who have access to the Personal Data, ensure that those personnel are aware of their obligations set out in this clause 1 and have undergone adequate training in the care, use and protection of personal data in compliance with the Privacy Laws.<\/p>\n<p>1.4 Upon the Customer\u2019s request, the Supplier agrees to permit the Customer or its authorised agents to inspect the Supplier\u2019s premises, data processing activities and systems, and\/or have access to, and be provided with copies of any information (including without limitation the Personal Data) to enable the Customer to be satisfied the Supplier are complying with the obligations under this Schedule 6.<\/p>\n<p>1.5 The Supplier must not sub-contract or assign any of its right or obligations under this Contract without the Customer\u2019s prior written consent.<\/p>\n<p>1.6 Where the Customer provides written consent to sub-contracting of the Services under clause 1.6, then the Supplier agrees to impose a binding legal obligation on their sub-contractor to comply with the obligations in this Schedule 6 where that subcontractor has access to, or will be otherwise processing, the Personal Data. For the avoidance of doubt, any such subcontract shall not relieve the Supplier of its obligation to comply fully with this Schedule 6 and the Supplier shall remain fully responsible and liable for ensuring full compliance with this Schedule 6 in all respects.<\/p>\n<p>1.7 The Supplier will not transfer any Personal Data processed under or pursuant to this Agreement outside of the European Union without the Customer\u2019s prior written authorisation. Where the Customer authorises the transfer of Personal Data outside of the European Union, the Supplier agrees to comply with any instructions the Customer may issue which are necessary to achieve compliance with the Privacy Laws.<\/p>\n<p>1.8 The Supplier agrees to notify the Customer as soon as practical, and in any event within five working days, if the Supplier receives;<\/p>\n<p>i. a request from an individual to access their Personal Data or to exercise the rights of individuals under Privacy Laws including the rights of rectification, restriction, blocking, data portability and\/or erasure;<br \/>\nii. a complaint relating to the processing of Personal Data under this Agreement;<br \/>\niii. notification that an individual wishes to withdraw their consent, or otherwise objects, to the processing of their Personal Data under this Agreement; or<br \/>\niv. any communication from the Information Commissioner or any regulatory authority in connection with the Personal Data.<\/p>\n<p>1.9 The Supplier agrees to comply with our instruction regarding the response to and handling of a complaint, request, notification or communication described in clause 1.9 and provide such reasonable assistance to the Customer as is required to ensure that the Customer can comply with its obligations under the Privacy Laws.<\/p>\n<p>1.10 The Supplier agrees to notify the Customer promptly, and within 24 hours, in the event of an actual or suspected personal data breach involving the Personal Data processed under this Agreement. The Supplier agrees to co-operate with the Customer fully to investigate such a breach by furnishing the Customer with information as may be reasonably required about the breach and the Supplier\u2019s processing activities. The Supplier also agrees to comply with the Customer\u2019s reasonable instructions regarding the management of and response to the breach and any steps necessary to prevent an equivalent breach in the future.<\/p>\n<p>1.11 The Supplier agrees to comply with the Customer\u2019s instructions as to the period for which the Personal Data shall be retained and regarding secure destruction or return of the data to the Customer following expiry of the Term.<\/p>\n<p>1.12 The Supplier agree to indemnify and keep indemnified the Customer against all claims, demands, actions, proceedings, charges, costs and expenses (including legal costs and expenses) which may be brought against us in respect of or in any way arising out of or in connection with;<br \/>\ni. your breach of the obligations in this Schedule 6; or<br \/>\nii. a claim that we are in breach of our obligations under the Privacy Laws as a result of any of your actions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This document will continue to develop over time as we respond to more questions from our customer and users.\u00a0 Please feel free to subscribe to stay up to date. 1. Do we need to get renewed consent from every volunteer and provider? We will be asking all volunteers and providers to review their consent settings [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","footnotes":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[4,292,5,132],"tags":[134,133,138,118,137],"class_list":["post-1822","post","type-post","status-publish","format-standard","hentry","category-policy-and-operations","category-securitygdpr","category-technical-updates","category-whitepaper","tag-data","tag-gdpr","tag-general-data-protection-regulation","tag-policy","tag-security"],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.10 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\r\n<title>GDPR Frequently Asked Questions for TeamKinetic - TeamKinetic<\/title>\r\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\r\n<link rel=\"canonical\" href=\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/\" \/>\r\n<meta property=\"og:locale\" content=\"en_GB\" \/>\r\n<meta property=\"og:type\" content=\"article\" \/>\r\n<meta property=\"og:title\" content=\"GDPR Frequently Asked Questions for TeamKinetic - TeamKinetic\" \/>\r\n<meta property=\"og:description\" content=\"This document will continue to develop over time as we respond to more questions from our customer and users.\u00a0 Please feel free to subscribe to stay up to date. 1. Do we need to get renewed consent from every volunteer and provider? We will be asking all volunteers and providers to review their consent settings [&hellip;]\" \/>\r\n<meta property=\"og:url\" content=\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/\" \/>\r\n<meta property=\"og:site_name\" content=\"TeamKinetic\" \/>\r\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/TeamKineticUK\" \/>\r\n<meta property=\"article:published_time\" content=\"2018-05-18T10:21:15+00:00\" \/>\r\n<meta property=\"article:modified_time\" content=\"2022-06-13T09:55:27+00:00\" \/>\r\n<meta name=\"author\" content=\"Rolf Herbert\" \/>\r\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\r\n<meta name=\"twitter:creator\" content=\"@TeamKineticUK\" \/>\r\n<meta name=\"twitter:site\" content=\"@TeamKineticUK\" \/>\r\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Rolf Herbert\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\r\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/\"},\"author\":{\"name\":\"Rolf Herbert\",\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/#\/schema\/person\/bf564ec6a7b141b3fd5b42b422977775\"},\"headline\":\"GDPR Frequently Asked Questions for TeamKinetic\",\"datePublished\":\"2018-05-18T10:21:15+00:00\",\"dateModified\":\"2022-06-13T09:55:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/\"},\"wordCount\":2154,\"commentCount\":2,\"publisher\":{\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/#organization\"},\"keywords\":[\"data\",\"GDPR\",\"General data protection regulation\",\"Policy\",\"Security\"],\"articleSection\":[\"Policy and Operations\",\"Security and GDPR\",\"Technical Updates\",\"Whitepaper\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/\",\"url\":\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/\",\"name\":\"GDPR Frequently Asked Questions for TeamKinetic - TeamKinetic\",\"isPartOf\":{\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/#website\"},\"datePublished\":\"2018-05-18T10:21:15+00:00\",\"dateModified\":\"2022-06-13T09:55:27+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/teamkinetic.co.uk\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"GDPR Frequently Asked Questions for TeamKinetic\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/#website\",\"url\":\"https:\/\/teamkinetic.co.uk\/blog\/\",\"name\":\"TeamKinetic\",\"description\":\"Connect, with great value volunteer management software\",\"publisher\":{\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/teamkinetic.co.uk\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/#organization\",\"name\":\"TeamKinetic\",\"url\":\"https:\/\/teamkinetic.co.uk\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2023\/06\/logo-TeamK.png\",\"contentUrl\":\"https:\/\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2023\/06\/logo-TeamK.png\",\"width\":1850,\"height\":498,\"caption\":\"TeamKinetic\"},\"image\":{\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/TeamKineticUK\",\"https:\/\/twitter.com\/TeamKineticUK\",\"https:\/\/www.instagram.com\/teamkineticuk\/\",\"https:\/\/www.linkedin.com\/company\/teamkinetic\/\",\"https:\/\/www.youtube.com\/c\/TeamKinetic\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/#\/schema\/person\/bf564ec6a7b141b3fd5b42b422977775\",\"name\":\"Rolf Herbert\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/teamkinetic.co.uk\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c2bcd1f933804170bd2b84b2048457a8?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c2bcd1f933804170bd2b84b2048457a8?s=96&d=mm&r=g\",\"caption\":\"Rolf Herbert\"},\"url\":\"https:\/\/teamkinetic.co.uk\/blog\/author\/rolf-herbert\/\"}]}<\/script>\r\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GDPR Frequently Asked Questions for TeamKinetic - TeamKinetic","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/","og_locale":"en_GB","og_type":"article","og_title":"GDPR Frequently Asked Questions for TeamKinetic - TeamKinetic","og_description":"This document will continue to develop over time as we respond to more questions from our customer and users.\u00a0 Please feel free to subscribe to stay up to date. 1. Do we need to get renewed consent from every volunteer and provider? We will be asking all volunteers and providers to review their consent settings [&hellip;]","og_url":"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/","og_site_name":"TeamKinetic","article_publisher":"https:\/\/www.facebook.com\/TeamKineticUK","article_published_time":"2018-05-18T10:21:15+00:00","article_modified_time":"2022-06-13T09:55:27+00:00","author":"Rolf Herbert","twitter_card":"summary_large_image","twitter_creator":"@TeamKineticUK","twitter_site":"@TeamKineticUK","twitter_misc":{"Written by":"Rolf Herbert","Estimated reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/#article","isPartOf":{"@id":"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/"},"author":{"name":"Rolf Herbert","@id":"https:\/\/teamkinetic.co.uk\/blog\/#\/schema\/person\/bf564ec6a7b141b3fd5b42b422977775"},"headline":"GDPR Frequently Asked Questions for TeamKinetic","datePublished":"2018-05-18T10:21:15+00:00","dateModified":"2022-06-13T09:55:27+00:00","mainEntityOfPage":{"@id":"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/"},"wordCount":2154,"commentCount":2,"publisher":{"@id":"https:\/\/teamkinetic.co.uk\/blog\/#organization"},"keywords":["data","GDPR","General data protection regulation","Policy","Security"],"articleSection":["Policy and Operations","Security and GDPR","Technical Updates","Whitepaper"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/","url":"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/","name":"GDPR Frequently Asked Questions for TeamKinetic - TeamKinetic","isPartOf":{"@id":"https:\/\/teamkinetic.co.uk\/blog\/#website"},"datePublished":"2018-05-18T10:21:15+00:00","dateModified":"2022-06-13T09:55:27+00:00","breadcrumb":{"@id":"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/teamkinetic.co.uk\/blog\/2018\/05\/gdpr-frequently-asked-questions-for-teamkinetic\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/teamkinetic.co.uk\/blog\/"},{"@type":"ListItem","position":2,"name":"GDPR Frequently Asked Questions for TeamKinetic"}]},{"@type":"WebSite","@id":"https:\/\/teamkinetic.co.uk\/blog\/#website","url":"https:\/\/teamkinetic.co.uk\/blog\/","name":"TeamKinetic","description":"Connect, with great value volunteer management software","publisher":{"@id":"https:\/\/teamkinetic.co.uk\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/teamkinetic.co.uk\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/teamkinetic.co.uk\/blog\/#organization","name":"TeamKinetic","url":"https:\/\/teamkinetic.co.uk\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/teamkinetic.co.uk\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2023\/06\/logo-TeamK.png","contentUrl":"https:\/\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2023\/06\/logo-TeamK.png","width":1850,"height":498,"caption":"TeamKinetic"},"image":{"@id":"https:\/\/teamkinetic.co.uk\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/TeamKineticUK","https:\/\/twitter.com\/TeamKineticUK","https:\/\/www.instagram.com\/teamkineticuk\/","https:\/\/www.linkedin.com\/company\/teamkinetic\/","https:\/\/www.youtube.com\/c\/TeamKinetic"]},{"@type":"Person","@id":"https:\/\/teamkinetic.co.uk\/blog\/#\/schema\/person\/bf564ec6a7b141b3fd5b42b422977775","name":"Rolf Herbert","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/teamkinetic.co.uk\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/c2bcd1f933804170bd2b84b2048457a8?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c2bcd1f933804170bd2b84b2048457a8?s=96&d=mm&r=g","caption":"Rolf Herbert"},"url":"https:\/\/teamkinetic.co.uk\/blog\/author\/rolf-herbert\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p8AVXm-to","jetpack-related-posts":[{"id":1764,"url":"https:\/\/teamkinetic.co.uk\/blog\/2018\/04\/are-you-ready-for-gdpr\/","url_meta":{"origin":1822,"position":0},"title":"Are you ready for GDPR?","author":"Chris Martin","date":"23rd April 2018","format":false,"excerpt":"A whitepaper to help you get ready for GDPR and find out what it means for your data. Whitepaper - Are you ready for GDPR\u00a0- Download the paper here. What should you be doing now? If you haven\u2019t started preparing your organisation for compliance then the next 3 months are\u2026","rel":"","context":"In &quot;Application Features and Tutorials&quot;","block_context":{"text":"Application Features and Tutorials","link":"https:\/\/teamkinetic.co.uk\/blog\/category\/application-features-and-tutorials\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2018\/04\/GDPR-why-now-info--300x296.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":6289,"url":"https:\/\/teamkinetic.co.uk\/blog\/2020\/08\/we-are-updating-our-terms-and-conditions\/","url_meta":{"origin":1822,"position":1},"title":"We are updating our Terms and Conditions","author":"Chris Martin","date":"14th August 2020","format":false,"excerpt":"Periodically we review and update our operating terms and conditions that form the basis of our relationship with our customers. This time around we are proposing two changes that we wanted to clarify with our customers. Since the introduction of GDPR we have been reviewing our approach to data processing\u2026","rel":"","context":"In &quot;Policy and Operations&quot;","block_context":{"text":"Policy and Operations","link":"https:\/\/teamkinetic.co.uk\/blog\/category\/policy-and-operations\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3111,"url":"https:\/\/teamkinetic.co.uk\/blog\/2019\/06\/how-can-your-not-for-profit-prepare-for-brexit\/","url_meta":{"origin":1822,"position":2},"title":"How Can YOUR Not-For-Profit Prepare For Brexit?","author":"Rolf Herbert","date":"6th June 2019","format":false,"excerpt":"You may not know much about Brexit considering it's not spoken about every single day! There are many rules and regulations that will affect the economy and organisations as a direct result of Brexit. This also applies to civil society organisations or Not-for-profits. So, how exactly can these types of\u2026","rel":"","context":"In &quot;News &amp; Views&quot;","block_context":{"text":"News &amp; Views","link":"https:\/\/teamkinetic.co.uk\/blog\/category\/news-views\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1525,"url":"https:\/\/teamkinetic.co.uk\/blog\/2018\/01\/teamkinetic-new-eula-and-data-policy\/","url_meta":{"origin":1822,"position":3},"title":"TeamKinetic: New EULA and Data Policy","author":"Chris Martin","date":"29th January 2018","format":false,"excerpt":"On Friday 26th January 2018 our new EULA and Data Policy was enacted. Since 2016, organisations have been preparing for the reformation of data protection in the form of GDPR (General Data Protection Regulation). For many organisations operating within the third sector, a certain apprehension has loomed, driven by concerns\u2026","rel":"","context":"In &quot;News &amp; Views&quot;","block_context":{"text":"News &amp; Views","link":"https:\/\/teamkinetic.co.uk\/blog\/category\/news-views\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2024\/02\/blog-image-36.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2024\/02\/blog-image-36.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2024\/02\/blog-image-36.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":16876,"url":"https:\/\/teamkinetic.co.uk\/blog\/2025\/09\/iso-27001-certification\/","url_meta":{"origin":1822,"position":4},"title":"TeamKinetic: Setting the Standard for the Sector with ISO 27001 Certification","author":"Alex Evans","date":"12th September 2025","format":false,"excerpt":"Achieving ISO 27001 certification is a significant undertaking. For us at TeamKinetic, it was a worthwhile investment that underscores our deep commitment to data security and governance. This certification is not just a badge; it's a testament to our ongoing efforts to protect our clients' information and to set the\u2026","rel":"","context":"In &quot;News &amp; Views&quot;","block_context":{"text":"News &amp; Views","link":"https:\/\/teamkinetic.co.uk\/blog\/category\/news-views\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2025\/09\/ISO27001.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2025\/09\/ISO27001.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2025\/09\/ISO27001.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2025\/09\/ISO27001.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2025\/09\/ISO27001.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":2107,"url":"https:\/\/teamkinetic.co.uk\/blog\/2018\/08\/good-bad-and-ugly-of-the-internet-for-volunteer-managers\/","url_meta":{"origin":1822,"position":5},"title":"Understanding the Good, the Bad and the Ugly of the internet for volunteer managers","author":"Chris Martin","date":"30th August 2018","format":false,"excerpt":"TeamKinetic believes that the internet has the potential for transformation in our world comparable to the Gutenberg's printing press\u00a0, but if the last few years have taught us anything, it's that the internet reflects both the very best and very worst of human nature. What do volunteer managers need to\u2026","rel":"","context":"In &quot;Community&quot;","block_context":{"text":"Community","link":"https:\/\/teamkinetic.co.uk\/blog\/category\/community\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/teamkinetic.co.uk\/blog\/wp-content\/uploads\/2018\/08\/flat550x550075f.u1-272x300.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/teamkinetic.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1822","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teamkinetic.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teamkinetic.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teamkinetic.co.uk\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teamkinetic.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=1822"}],"version-history":[{"count":12,"href":"https:\/\/teamkinetic.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1822\/revisions"}],"predecessor-version":[{"id":5255,"href":"https:\/\/teamkinetic.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1822\/revisions\/5255"}],"wp:attachment":[{"href":"https:\/\/teamkinetic.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=1822"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teamkinetic.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=1822"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teamkinetic.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=1822"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}