If you’re like us, you’ve been getting a lot of emails from companies across the spectrum that are announcing changes to their privacy policies to be in compliance with GDPR (General Data Protection Regulation). Because this regulation was initiated by the European Union, most of the companies are obliged to update these policies by May 25th because they deliver products and services directly to users in the EU (and the UK despite their pending Brexit). The goals of the GDPR are to protect the privacy of Internet users in the EU and the UK by disclosing what data will be collected about them, how data will be used and shared, and what users can do to protect their information. A lot of companies are racing toward this deadline, and many will be working past May 25th to come into compliance.
Fractured Atlas is a US-based charity and most of our products are, by their nature, geared toward artists and arts organizations working and living in the United States. We have committed ourselves, however, to working harder to protect the data of our members, donors, and other site visitors, regardless of whether they are from the EU, UK, US, or anywhere else. In order to achieve compliance with GDPR, we are:
- Updating our privacy policy and terms of use to be more transparent and communicate your rights as a user;
- Reviewing software for possible updates that would result in more responsible data collection and sharing;
- Examining third-party vendors and their data collection and retention practices;
- Reassessing our data retention practices.
In addition to these steps, a member of our staff is working toward GDPR certification (which will likely lead to the appointment of a Data Protection Officer).
This is just the beginning of our work to protect the data of all Fractured Atlas members, donors, and other visitors to our sites. Stay tuned to our blog to learn more about our journey into the GDPR universe.
.svg)