And the Brigada audience responded. For example, Peter expressed his opinion that, just because we might use MailChimp as a service to send newsletters, it didn’t get “the monkey off our back,” so to speak. Maybe MailChimp was acting as the processor, but Peter felt that we would still be the controller.
Carolyn shared, ” Have you run the tools in MailChimp to get your account GDPR compliant? It took me a while to go through and set up everything on mine. Start at:
Also, there are things you need to have on your website (see the checklist on the bottom half of this page:
She also pointed out, “Make sure you make necessary changes to any comment forms on your website, any place where people donate, etc. If you have a “Leave a Reply” form, with an option to save name, email and website, that means you are storing people’s data, so you need to check regulations for keeping that secure (SSL?) and how people can request for it to be deleted later.”
She added, “I don’t have all this figured out yet…but yes, it is serious, and yes, there are things that need to be taken care of to be compliant.” I’m glad she’s willing to help us all address the details of GDPR, not only so we can be compliant, but also so we can be better at storing and interacting with the personal information of our friends, partners, and co-workers. Thanks Carolyn!!!
Do you have other opinions or comments on the GDPR? Please add to the thread at…
and thanks for your input.
Article 4 defines data processors and controllers in the law.