{"id":2388,"date":"2018-05-23T12:33:58","date_gmt":"2018-05-23T12:33:58","guid":{"rendered":"http:\/\/adda.io\/blog\/?p=2388"},"modified":"2020-09-02T07:38:31","modified_gmt":"2020-09-02T07:38:31","slug":"adda-gdpr","status":"publish","type":"post","link":"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/","title":{"rendered":"ADDA &#8211; GDPR"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">On 25-May-2018 the European General Data Protection Regulation (GDPR), will become effective.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">GDPR changes the way organisations handle personal data of European Union citizens, and non-compliance with GDPR can cost hefty fines to the Organisation.<\/span><\/p>\n<p>This is to inform ADDA Users that the ADDA suite &#8211; ADDA ERP and ADDA GateKeeper are GDPR ready.<\/p>\n<p>If you are part of Managing Committee \/ Board of your Association, please review this Blog Post to know your responsibilities to ensure the Association is GDPR ready.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_81 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-69e5a16acfe0a\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-69e5a16acfe0a\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#Our_Community_is_not_in_Europe_why_do_we_need_GDPR_readiness\" >Our Community is not in Europe, why do we need GDPR readiness?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#What_does_an_Association_need_to_do_for_GDPR_readiness\" >What does an Association need to do for GDPR readiness?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#1_Understand_your_Role_%E2%80%93_Data_Controller\" >1. Understand your Role &#8211; Data Controller<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#2_Understand_your_chosen_Portals_Role_%E2%80%93_Data_Processor\" >2. Understand your chosen Portal\u2019s Role &#8211; Data Processor<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#3_Get_complete_assurance_that_the_Data_Processor_is_not_sharing_any_Personal_Data_from_your_Portal_to_ANY_third_party_without_your_consent_or_explicit_awareness\" >3.\u00a0 Get complete assurance that the Data Processor is not sharing any Personal Data from your Portal to ANY third party without your consent or explicit awareness.<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#_4_Know_your_Lawful_Basis_for_Processing_the_Personal_Data_of_each_Segment\" >\u00a04.\u00a0\u00a0Know your Lawful Basis for Processing the Personal Data of each Segment<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#a_Right_to_be_Informed\" >a) Right to be Informed<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#b_Right_of_Access\" >b) Right of Access<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#c_Right_to_Rectification\" >c) \u00a0Right to Rectification<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#d_Right_to_Erasure\" >d) Right to Erasure<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#e_Right_to_Restrict_Processing\" >e) Right to Restrict Processing<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#f_Right_to_Data_Portability\" >f) Right to Data Portability<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#g_Right_to_Object\" >g) Right to Object<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/adda.io\/blog\/2018\/05\/adda-gdpr\/#h_Rights_related_to_automated_decision_making_including_profiling\" >h) Rights related to automated decision making including profiling<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Our_Community_is_not_in_Europe_why_do_we_need_GDPR_readiness\"><\/span><b>Our Community is not in Europe, why do we need GDPR readiness?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>All organisations that store or process the Personal Data of any EU citizen must comply by the GDPR.<\/p>\n<p><i><span style=\"font-weight: 400;\">Many Residential Communities in highly Cosmopolitan pockets around the world have Owners or Tenants who may be EU Citizens.<\/span><\/i><\/p>\n<p><span style=\"font-weight: 400;\">You may be storing their Personal Data on ADDA ERP, any other online database, or even in Offline database such as excel sheets.<\/span><\/p>\n<p><i><span style=\"font-weight: 400;\">Most Communities have Visitors with EU Citizenship.<\/span><\/i><\/p>\n<p><span style=\"font-weight: 400;\">You may be storing their Personally identifiable data on ADDA GateKeeper, any other online database, or more frequently in Paper Registers.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It is important that your Association is not caught unaware regarding the handling of Personal Data of EU Citizens. <\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"What_does_an_Association_need_to_do_for_GDPR_readiness\"><\/span><b>What does an Association need to do for GDPR readiness?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3 style=\"padding-left: 30px;\"><span class=\"ez-toc-section\" id=\"1_Understand_your_Role_%E2%80%93_Data_Controller\"><\/span><b>1. Understand your Role &#8211; Data Controller<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"padding-left: 60px;\"><span style=\"font-weight: 400;\">For the below Data, if collected and stored by you, you are the \u201cData Controller\u201d as per GDPR definitions.<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">a) Owners\/Tenants Data<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">b) Association Staff Data\/ Vendor Data<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">c) Domestic Staff Data <\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">d) Visitor Data<\/span><\/p>\n<p style=\"padding-left: 30px;\">\u00a0 \u00a0 \u00a0 \u00a0The Controller decides the Purposes and Means of processing Personal Data.<\/p>\n<h3 style=\"padding-left: 30px;\"><span class=\"ez-toc-section\" id=\"2_Understand_your_chosen_Portals_Role_%E2%80%93_Data_Processor\"><\/span><b>2. Understand your chosen Portal\u2019s Role &#8211; Data Processor<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"padding-left: 60px;\"><span style=\"font-weight: 400;\">You may choose a Portal like ADDA to store and process all the above data.<\/span><\/p>\n<p style=\"padding-left: 60px;\"><span style=\"font-weight: 400;\">Such Portal is called a \u201cData Processor\u201d in GDPR terminology. A Processor is responsible for processing personal data on behalf of the Controller.<\/span><\/p>\n<h3 style=\"padding-left: 30px;\"><span class=\"ez-toc-section\" id=\"3_Get_complete_assurance_that_the_Data_Processor_is_not_sharing_any_Personal_Data_from_your_Portal_to_ANY_third_party_without_your_consent_or_explicit_awareness\"><\/span>3.\u00a0 Get complete assurance that the Data Processor is not sharing<strong> any Personal Data from your Portal to ANY third party without your consent or explicit awareness.<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"padding-left: 60px;\"><span style=\"font-weight: 400;\">\u00a0From ADDA you have this awareness in our ToS (Data Privacy section).<\/span><\/p>\n<p style=\"padding-left: 60px;\"><span style=\"font-weight: 400;\">\u00a0If you find the ToS of any other provider ambiguous w.r.t Data Privacy and Security, ask for <\/span><span style=\"font-weight: 400;\">clarity.<\/span><\/p>\n<h3 style=\"padding-left: 30px;\"><span class=\"ez-toc-section\" id=\"_4_Know_your_Lawful_Basis_for_Processing_the_Personal_Data_of_each_Segment\"><\/span><span style=\"font-weight: 400;\"><strong>\u00a04.<\/strong>\u00a0\u00a0<\/span><b>Know your Lawful Basis for Processing the Personal Data of each Segment<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"padding-left: 60px;\">\u00a0 \u00a0 \u00a0 \u00a0a) Owner\/Tenant Data<\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">The Lawful basis in case the Data is stored in ADDA ERP: <\/span><a href=\"https:\/\/ico.org.uk\/for-organisations\/guide-to-the-general-data-protection-regulation-gdpr\/lawful-basis-for-processing\/legal-obligation\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Legal Obligation<\/span><\/a><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">The Lawful basis in case the Data is stored in ADDA GateKeeper: <\/span><a href=\"https:\/\/ico.org.uk\/for-organisations\/guide-to-the-general-data-protection-regulation-gdpr\/lawful-basis-for-processing\/vital-interests\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Vital Interests<\/span><\/a><\/p>\n<p style=\"padding-left: 60px;\"><span style=\"font-weight: 400;\">\u00a0 \u00a0 \u00a0 \u00a0b) Association Staff Data \/ Vendor Data<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">Lawful basis: <\/span><a href=\"https:\/\/ico.org.uk\/for-organisations\/guide-to-the-general-data-protection-regulation-gdpr\/lawful-basis-for-processing\/contract\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Contract<\/span><\/a><\/p>\n<p style=\"padding-left: 90px;\">c) Domestic Staff Data (may include Tutors)<\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">Lawful basis: <\/span><a href=\"https:\/\/ico.org.uk\/for-organisations\/guide-to-the-general-data-protection-regulation-gdpr\/lawful-basis-for-processing\/public-task\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Public Task<\/span><\/a><\/p>\n<p style=\"padding-left: 90px;\">d) Visitor Data<\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">\u00a0Lawful basis: <\/span><a href=\"https:\/\/ico.org.uk\/for-organisations\/guide-to-the-general-data-protection-regulation-gdpr\/lawful-basis-for-processing\/public-task\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Public Task<\/span><\/a><\/p>\n<p style=\"padding-left: 30px;\"><b>\u00a0 5. Know each Individual Right of EU Citizen under GDPR and how you can be ready for them<\/b><\/p>\n<p style=\"padding-left: 90px;\">All GDPR related requests are to be raised to the data controller, the Associations. Please validate the request first based on below guidelines. There are also a few key areas for which you might require ADDA team&#8217;s help. They are mentioned in line with the &#8220;Rights&#8221; below:<\/p>\n<h4 style=\"padding-left: 90px;\"><span class=\"ez-toc-section\" id=\"a_Right_to_be_Informed\"><\/span>a) Right to be Informed<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">As per this Right, the Individual has the right to be informed of the purpose for processing of their personal data, retention period and who it will be shared with.<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">For Owners\/Tenants, the ADDA ToS will cover this. They will be informed of the purpose of processing, retention period and who their data will be shared with.<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">For Staff\/Domestic Staff, their enrollment process in \u201cStaff Management\u201d of ADDA will cover it.<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">For Vendors, their enrollment process in \u201cVendor Management\u201d of ADDA ERP will cover it.<\/span><\/p>\n<p style=\"padding-left: 90px;\">For Visitors, the ADDA ToS will cover this, also the ADDA GateKeeper Red Board placed outside each Gate and visible to Visitors is upgraded with this information.<\/p>\n<h4 style=\"padding-left: 90px;\"><span class=\"ez-toc-section\" id=\"b_Right_of_Access\"><\/span>b) Right of Access<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"padding-left: 90px;\">Users can make a request (Verbal or Written) to view their Data stored. You have one calendar month to respond to their request.<\/p>\n<p style=\"padding-left: 90px;\">This request will come to the Association.<\/p>\n<p style=\"padding-left: 90px;\">If the request is Verbal, please ensure you lodge a Helpdesk Ticket on ADDA to document the request.<\/p>\n<p style=\"padding-left: 90px;\"><em>Once you have ascertained that the requestor is an EU citizen (hence has lawful right) and you are indeed storing their personal data, you can raise a query to ADDA. All personal information of the requester, which are stored in ADDA will be sent to the requester.<\/em><\/p>\n<h4 style=\"padding-left: 90px;\"><span class=\"ez-toc-section\" id=\"c_Right_to_Rectification\"><\/span><strong>c) \u00a0Right to Rectification<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">An individual can make a request (Verbal or Written) to rectify their data stored. You have one calendar month to respond to their request.<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">This request will come to the Association.<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">This feature to rectify data is already available in ADDA for Owners\/Tenants, Staff, Domestic Staff and Vendors.<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">In case of Visitors, the Association may evaluate the legitimacy of this request against the Controller\u2019s Obligations under the accuracy principle of the GDPR. This means that if a Visitor wishes to rectify their data you can refuse it if it is detrimental to the lawful purpose of storing or processing the data &#8211; Incident Investigation.<\/span><\/p>\n<h4 style=\"padding-left: 90px;\"><span class=\"ez-toc-section\" id=\"d_Right_to_Erasure\"><\/span>d) Right to Erasure<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"padding-left: 90px;\">An individual can make a request for erasure of their personal data (verbally on written). You have one calendar month to respond to their request.<\/p>\n<p style=\"padding-left: 90px;\">This request will come to the Association.<\/p>\n<p style=\"padding-left: 90px;\">This needs to be handled on case basis.<\/p>\n<p style=\"padding-left: 120px;\"><strong><i>Owner\/Tenant Data<\/i><\/strong><\/p>\n<p style=\"padding-left: 120px;\"><span style=\"font-weight: 400;\">Association can refuse this request as it conflicts with Legal Obligation, while the Owner\/Tenant is associated with the Association. I.e., they are either owning a property in the Association, residing there, or owes unpaid Dues to the Association.<\/span><\/p>\n<p style=\"padding-left: 120px;\"><span style=\"font-weight: 400;\">However, once there are no Legal Obligations &#8211; e.g., the Owner has sold or Tenant has vacated and there are no unpaid Dues or Objections from the Association, the Association must uphold this Right to Erasure.<\/span><\/p>\n<p style=\"padding-left: 120px;\"><span style=\"font-weight: 400;\">After ascertaining the legitimacy of the request and the identification of the Individual as EU Citizen, Head to the relevant Page on ADDA Admin to delete the data of a Deactivated user.<\/span><\/p>\n<p style=\"padding-left: 120px;\"><strong><i>Staff\/Vendor\/Domestic Staff Data<\/i><\/strong><\/p>\n<p style=\"padding-left: 120px;\">Association can refuse this request while the Staff is employed with the Association or the Domestic Staff works within the premises.<\/p>\n<p style=\"padding-left: 120px;\">However, if the Staff\/Domestic Staff is no longer in the employment of the Association or any Member respectively, the Right to Erasure must be upheld.<\/p>\n<p style=\"padding-left: 120px;\"><span style=\"font-weight: 400;\">Right to Erasure can be denied if the Data is lawfully classified as \u201cCriminal Offence Data\u201d. <\/span><\/p>\n<p style=\"padding-left: 120px;\"><strong><i>Visitor Data<\/i><\/strong><\/p>\n<p style=\"padding-left: 120px;\"><span style=\"font-weight: 400;\">Association can refuse this request if stipulated storage duration as per the lawful purpose of it (Incident Investigation), has not expired.<\/span><\/p>\n<p style=\"padding-left: 120px;\">Upon Expiry of the stipulated storage duration, the Right to Erasure must be upheld.<\/p>\n<p style=\"padding-left: 120px;\">Right to Erasure can be denied if the Visitor Data is lawfully classified as \u201cCriminal Offence Data\u201d.<\/p>\n<p style=\"padding-left: 90px;\"><em>In case of valid requests to the Association, from the Association you can raise a request to us and the ADDA team will make sure that the individual&#8217;s data is anonymized in the system.<\/em><\/p>\n<h4 style=\"padding-left: 90px;\"><span class=\"ez-toc-section\" id=\"e_Right_to_Restrict_Processing\"><\/span>e) Right to Restrict Processing<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">If an Individual restricts the processing of their personal Data you are permitted to store the data but not use it.<\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">While we can not think of many use-cases for this request to Owners Associations, perhaps for Individuals who have requested for Data Erasure, the Association may discuss with them and convert the request to Restrict Processing.<\/span><\/p>\n<p style=\"padding-left: 90px;\"><em>On receiving a valid request, you can consider deactivating the individual in ADDA, which will restrict processing of any personal data.<\/em><\/p>\n<h4 style=\"padding-left: 90px;\"><span class=\"ez-toc-section\" id=\"f_Right_to_Data_Portability\"><\/span>f) Right to Data Portability<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">This Right allows the Individual to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability. <\/span><\/p>\n<p style=\"padding-left: 90px;\"><em><span style=\"font-weight: 400;\">The Association can raise a request to ADDA (after ascertaining the user&#8217;s identity as EU citizen). We will be sending the user all personal data in csv format for purposes of data porting.<\/span><\/em><\/p>\n<h4 style=\"padding-left: 90px;\"><span class=\"ez-toc-section\" id=\"g_Right_to_Object\"><\/span>g) Right to Object<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"padding-left: 90px;\">This is the Right of an Individual to object to the data processing under certain circumstances. Individuals have an absolute right to stop their data being used for Direct Marketing.<\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">In case you refuse this Right due to Lawful basis to continue processing, you can provide the justifying information to the Individual.<\/span><\/p>\n<p style=\"padding-left: 90px;\"><em>In case of a valid concern, an Association can raise a request to ADDA, on behalf of the EU citizen. We will provide the user option to opt out of any marketing related communications.<\/em><\/p>\n<h4 style=\"padding-left: 90px;\"><span class=\"ez-toc-section\" id=\"h_Rights_related_to_automated_decision_making_including_profiling\"><\/span>h) Rights related to automated decision making including profiling<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">We have not identified any use case for this Right in the Association context. <\/span><\/p>\n<p style=\"padding-left: 90px;\"><span style=\"font-weight: 400;\">The ADDA Advisory team for GDPR will be available to answer any questions you as the Board\/Managing Committee\/OA Management company may have in this regard.<\/span><\/p>\n<p><i>As mentioned above, for queries from your EU members related to Right of Access\/Data Potability, Right to Erasure, Right to Object, where you need ADDA&#8217;s help, please raise a support ticket.<\/i><\/p>\n<p><i>Select Category: Work Request Non Accounting &gt; Other. Our team will guide you. (<\/i>Please attach a proof of EU citizenship for concerned member)<\/p>\n<p><i><span style=\"font-weight: 400;\">NOTE: Those of us who are not EU Citizens may appreciate the data protection provided by GDPR and wish they become applicable on Users of all Citizenships.<\/span><\/i><\/p>\n<p><i><span style=\"font-weight: 400;\">However, while it is not, let us ensure we do not overload our Association\u2019s limited resources with GDPR queries. Let us help our Associations abide by the Laws that are relevant, and respect their limited time and resources. <\/span><\/i><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On 25-May-2018 the European General Data Protection Regulation (GDPR), will become effective. GDPR changes the way organisations handle personal data of European Union citizens, and non-compliance with GDPR can cost&hellip;<\/p>\n","protected":false},"author":8,"featured_media":2394,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[109],"tags":[135,134],"class_list":["post-2388","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-adda-home-owners-association","tag-european-general-data-protection-regulation","tag-gdpr"],"_links":{"self":[{"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/posts\/2388","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/comments?post=2388"}],"version-history":[{"count":27,"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/posts\/2388\/revisions"}],"predecessor-version":[{"id":12300,"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/posts\/2388\/revisions\/12300"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/media\/2394"}],"wp:attachment":[{"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/media?parent=2388"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/categories?post=2388"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adda.io\/blog\/wp-json\/wp\/v2\/tags?post=2388"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}