Members will have noticed that the Guild’s website was down for a couple of weeks in October/November, as a result of discussions on the GDPR at the last Exec meeting.
The GDPR is a very broad legal framework intended to prevent people’s personal data from being misused or exploited. It is European-wide and necessarily suffers from the problems of trying to make one size fit all. The GDPR is intended to cover institutional use of personal data: personal use of personal data is specifically outside the scope of the Regulation. So if someone hacks into your computer (perhaps through a phishing email) and steals your Christmas card mailing list, you cannot be prosecuted for a data breach. But, if you are also a Guild Officer when your computer is hacked and the membership list is stolen, that could possibly make you a criminal! Seriously‼! You would have to show that you had taken reasonable precautions to prevent this from happening and that the Guild had done likewise. Make sure that your Antivirus software is up to date at the very least.
The argument in the Exec meeting was that a website can be viewed anywhere in the world and because of this, no personal data can be put on it without explicit consent (i.e. a record signed by the data subject and kept for ever). This includes photographs which became the focus of discussions, although anything that identifies a person (such as a name) is personal data. If this assertion were true, it could mean that many ringing websites could be illegal.
All Officers and tower correspondents have ‘official’ email addresses which are redirected to the address of the current post-holder. This keeps the personal addresses safe whilst meaning that you don’t need to know the email address or even the name of the current post-holder. The following examples should show how the system works.
(You can get the tower contacts from the Tower pages of the website, and the Guild and District contacts from those pages.)