What is the GDPR?
In April 2016, the European Commission (EC) approved and adopted the new General Data Protection Regulation (GDPR), which replaces the 1995 EU Data Protection Directive an standardizes data protection law across the EU countries. The GDPR went into effect on May 25, 2018.
Does it apply to me?
GDPR applies to all organizations processing the “personal data” of EU residents, regardless of whether the organization is operating in the EU. GDPR defines “personal data” as “any information relating to an identified or identifiable natural person.” This definition includes a wide range of personal identifiers, such as name, identification number, location information, and online identifiers. “Personal data” as defined by GDPR is notably much broader than the terms used in other data protection regulations, such as “sensitive information” or “personally identifiable information.”
What is advanced privacy at NationBuilder?
One of NationBuilder’s core tenets has always been that our customers own and can efficiently manage their own data. With that comes a responsibility to help our customers ensure that they are protecting and securing their data, which includes complying with applicable regulations.
We have always been committed to robust compliance, data protection and security practices, and that commitment remains true with respect to GDPR.
As such, we have created a variety of advanced privacy tools so that you can ensure you have gained the consent you need to build strong relationships with your supporters. Once advanced privacy is enabled, you’ll have the ability to create consent options, customize consent forms, log digital wills, and more. Read more here about how to enable your advanced privacy suite of tools.
The information offered on this page is not legal advice. NationBuilder is providing general information about GDPR and about the steps we have taken in preparation for GDPR. Even if some of this information is about regulatory requirements, it is not the same as legal advice, where an attorney applies the law to your specific facts and circumstances. Please be sure to consult with an attorney about specific compliance requirements for you and your organisation.
Our GDPR updates
One of NationBuilder’s core tenets has always been that our customers own their own data. With that comes a responsibility to provide tools that help our customers ensure that their data is protected and secure, which includes complying with applicable regulations. In 2017 and 2018, we expanded and updated our suite of product features to address our customers’ needs for tools that help collect and manage data in compliance with GDPR. Over time, we have continued to improve on those features to make it even easier for our customers to meet their GDPR compliance obligations while using NationBuilder.
Transferring data outside the EU
There is no obligation under the GDPR for data to be stored and processed exclusively in the EU. 3DNA Corp. maintains a Privacy Shield certification with the U.S. Department of Commerce which ensures that our collection and processing of personal data from our customers in the European Union will be done in accordance with the EU-US Privacy Shield Framework. This certification applies to 3DNA Corp., but specifically excludes RunForOffice.org.
We also offer a Data Processing Addendum to our agreements with our customers, which contains approved Model Clauses for data transfers outside of the EEA.
Many of our standard customer agreements have been updated in light of GDPR. You can review our Terms here.