Groups.io and GDPR compliance
|
Hi, ? My choir is currently with Yahoo Groups and I am experimenting with Groups.io with the intention of moving away from Yahoo over the summer months. ? The concern I have is that either of the groups hold/store personal data even if only name and email address. Yahoo obviously also stores Yahoo ID if the person has one. For GDPR we are required to ensure compliance with any 3rd parties who store personal data on our behalf. The main concern is whether data is stored on servers inside or outside the EU. See advice from our representative body, Making Music. ? So my question is does Groups.io have servers inside the EU for those of us in Europe? ----------------------------------------------------------------------- A. Storing and using data via third parties e.g. sharing documents (Google Drive), an email service (Mail Chimp) or an online ticketing website (Ticket Source). GDPR applies to non-EU companies that are storing and using data of individuals within the EU. It is your responsibility to ensure any third parties you use to store data are compliant with GDPR. This does not mean you should be telling Google about GDPR, but it does mean you should do some research to make sure they are compliant. The potential area of complication is when you are using a service but the organisation delivering that service houses data outside the EU. The good news is that many of the bigger more common organisations are either based in, or have a base in, the EU and so will be up to speed with GDPR. Some smaller, less well-known organisations based outside the EU could be storing data outside the EU which makes things more complicated. ? Thanks ? Carole
|
