HI TECH AND GDPR
WHAT IS GDPR?
General Data Protection Regulation (GDPR) is a law to protect citizens personal data and was put in place on May 25th, 2018. GDPR regulates how the processing of personal data is allowed to be handled. All types of organisations must follow the regulation and HI TECH, as an association, is bound to it as well. Usage of personal data should always imprint transparency for the individual who is always entitled to be informed about which personal data the organisation has stored, why it has been collected, change misleading information and have it removed.
This document regulates how HI TECH handles personal data of the associations members.
WHAT IS PERSONAL DATA?
Personal data is information that links to an individual person. Examples of personal data include social security numbers, names, phone numbers, images and addresses.
COLLECTING OF PERSONAL DATA
Processing of personal data must follow certain demands, for example lawful basis.
With lawful basis means that one of the following areas must be achieved:
Consent: The registered person has agreed.
Contract: The registered person has an agreement with the data controller.
Legitimate interests: Personal data can be processed if there is an interest that outweighs the individual rights and processing is necessary for the aim.
Legal obligation: Laws and regulations.
Public authority tasks.
Vital interests: If the registered cannot leave consent but must be protected.
To gather personal data the following is required:
o A purpose that the personal data is collected for. The purpose should be described in a concrete and specific way.
o Only the personal data that is demanded for the purpose can be gathered.
o Personal data must be removed when the purpose is achieved.
o Unauthorised parties shall not have access to the personal data.
It is never allowed to gather personal data only for access. All collecting must always
have a purpose.
When collecting personal data, the individual must be informed of:
o Who is responsible for the personal data.
o What personal data is collected and the usage of it.
o The individual rights to gain access, change misleading information and have
it removed. The individual has the right to know how long the personal data
is saved.
WHAT IS HI TECH?
HI TECH (org. number 802432-6467) is a student association at School of Engineering at Jönköping University. The purpose of the association is according to the associations By-law (2018): “The purpose of the Association is to ensure the quality of its members studies, offer the members an opportunity to influencing the education that takes place at the School of Engineering at JU, and provide students with a meaningful complement to their studies in the form of an active social life outside of their studies.” The HI TECH Board is responsible for the association and works for all members. The association also has committees and project groups that works with different areas of the associations operations.
HOW DOES HI TECH HANDLE PERSONAL DATA?
RULES
USING OF PERSONAL DATA DURING TICKET SALES
CLOSED EVENTS (CAPS, SITTNINGS, GALA, BANQUETTE, ETC)
TRIPS (HIKE TRIP ÅRE, HIKE TRIP LUND, HIKE TRIP EUROPE, ETC)
Those who attend trips need to sign a contract with both their name and signature. This contract regulates each travellers own responsibility during the trip.