[iaoa-infrastructure] IAOA & the EU General Data Protection Regulation (GDPR)
Frank Loebe
frank.loebe at informatik.uni-leipzig.de
Thu May 10 18:38:00 CEST 2018
Dear all,
I'm not aware of whether the following matter has been addressed in the
past already, but just as my sports club is having "a lot of fun" with
the German implementation, I started wondering to what extent IAOA (and
its website(s), in particular) pays attention to and complies with the
EU General Data Protection Regulation (GDPR) [1,2], which will become
effective as of May 25, 2018.
As far as I understand matters (which is not really far), I believe we
should seek compliance with the GDPR, given that we process personal
data of EU individuals (a.o.) and are (or, at least, may be) subject to
the GDPR, independently of IAOA(-CH) being based outside of the EU as
well as of the location of any IAOA servers within the EU or not.
I'd suggest to keep that matter in mind even when setting up the new
membership database. I'm further afraid that this may require quite a
bit of detailed knowledge about the GDPR, which at least I myself don't
have. Does anyone else among us?
NB: Despite of what it might look like due to opening this can of worms,
I have clearly _NO_ interest at all to delay getting the new website
ready and officially live.
Best regards,
Frank
[1] https://www.eugdpr.org/
[2] https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
More information about the iaoa-infrastructure
mailing list