Disclaimer: Qomon does not replace any specialised legal advice or designation within your organisation of a "Data Controller" or "Data Protection Officer".
This resource is provided for informational purposes only and cannot replace expert legal advice.
How we Manage Privacy Laws & protect your Data?
Find a complete help article on our website. You'll find out:
What types of Personal Data we handle at Qomon
How we manage Data and Privacy Law Compliance at Qomon
How we help our customers comply with Privacy Laws
A FEW TIPS AND BEST PRACTICES.
Best Practice # 1: Give your team proportionate access to information
There are different roles in Qomon. Some roles, such as “member”, do not allow access or very limited access (like “field organizer”) to personal data. Find details here.
Give proportionate access to information within your team and remember that a member of your team (even if she/he is a volunteer) is under the responsibility of your organisation. It similar to an employee and company relationship.
During your first connection, the web platform will remind you of this!
Other good practices: Do not forget to ...
Change your password regularly
Remove access to your members who have not been active for some time (you have access to the activity of your members in the "analysis" tab of the web platform) or who seem to no longer belong on the app.
Best practice #2: As an admin, you get to set keywords or tags, status, questions... be careful to respect the rules!
You are an admin or super admin. With great power come great responsibility. In particular, you have access to your organization’s parameters, from which you can define status (there are some by default), contact forms, surveys, or tags for your entire organization)
Remember that the tags and fields you create must remain adequate and not excessive in terms of purpose.
Remember to limit unrestrained fields and unrestrained comments for your teams so that there is no clumsy or illegal information in your database
Think about raising awareness - like during Qomon trainings - about collecting and using data soundly.
Best Practice #3: Empower and make your teams accountable
Remind your teams of the principles listed at the beginning of this article. They need to explain to the people they meet the context of their approach, why they do it, with which organization/movement, and their consent.
Do not force the hand of those who do not wish to enter the process of disclosing their contact information or answering your questions, it is totally useless.
Mobilizing and engaging citizens has nothing to do with the accumulation of data but more with the relationship of trust that is built with the person.
Best Practice #4: Appoint a DPO (Data Protection Officer) and create a personalized email address made specifically to contact you for requests of personal data information.
You can appoint a Data Protection Officer (or DPO) within your organization. They would be the person in charge of making sure the rules relating to personal data are respected. Third parties can contact them if they have questions about their personal data.
We too, at Qomon, have a DPO: Florent. You can contact him at [email protected]
You can also create an email address regarding requests for information on a personal data. It is important to be pro-active in these steps to show your good will regarding the respect of the right of rectification, deletion etc.
In the end, it’s all about progress ✊
In the end, keep in mind that the use of a platform is much more virtuous than the old systems of paper or excel files that just keep piling up!
The software keeps the trace of the origin, the timestamp of the consent, the possibility of permanently deleting a contact (without dragging elsewhere), of centralizing the data, thus of being able to fully inform an individual of all the data you have on them! The systems are much more transparent and virtuous than old practices.