We love privacy. But we’re sobered by potential costs of the EU’s new General Data Protection Regulation (GDPR). Check out the home page at…
England and the UK are apparently following this too. Would you please click “Comment” following the web or app version of this item and tell (anonymously, if you prefer) how these new laws might impact your org, agency, or church? (Thanks for kicking this up, JED, and thanks for brainstorming with us on this, Greg.)
You are right in suggesting that “England and the UK are apparently following this too”, since England is part of the UK, and the UK is part of the EU!
How will this affect us? We’re having to put in place stricter guidelines on how we collect data from people (primarily contact details), what we tell them at the point of collection, and what we do with that data once it’s obtained.
It’s a bit of a headache having to put together all the policies and procedures that will make us proactively compliant, but in the end it will mean we are using our data not only in a legal way but also a more effective way.
Europe leaders for the agency I work with researched what effect the policy has on missionary prayer letters and assured our workers in Europe that they don’t need to confirm consent for that. So, the same goes for those of us outside EU/UK who have folks there on our personal mailing lists, even if we are sending those emails through an automated service like Mailchimp or Constant Contact.
But organizational emails are a different story; ministries need to take action to comply.
I wasn’t sure how this should affect the email newsletter I manage, but in pursuing a compliance strategy for my agency, “do nothing” did not seem an adequate response for Missions Catalyst. It’s more like an organizational email than a personal email.
I’ve updated the subscription process in order to comply. Also contacted all 900+subscribers whose IP address showed them as being in an EU country or “unknown” location (even if other data suggested they were in a country not covered by the GDPR). Plan to send future emails only to those who re-confirm their subscription or whose IP address shows them as being in a country not affected.
A hassle for our (willing) subscribers and for me, but also a good opportunity to confirm that our emails only go to those who want them.