Data privacy dashboard
It is no surprise that data privacy and compliance has become a huge issue over the past few years, particularly since the introduction of GDPR legislation in Europe and similar legislation around the world such at the CCPA in California. Ecanvasser has been at the forefront of data privacy compliance for organizations who deal in citizen data and we have been making constant improvements to our offering over the past 24 months. Now we are delighted to announce an expansion of our privacy dashboard to centralise all of the data protection elements of the product into one place. This privacy dashboard feature puts Ecanvasser squarely as the leader in the field of data privacy and compliance for associations, nonprofits and political organizations worldwide. With this powerful new tool data protection officers, IT professionals and anyone administering a citizen database can have peace of mind that their organization will be protected and compliant.
1. The privacy dashboard
Data subjects always had a right to request access to their data. With the recent privacy updates, their rights have been extended to include:
- Central view of all contact data recorded
- Export function to provide a complete list of contact records in your database
- Delete option that permanently destroys any data related to a contact record
- Edit option to rectify and update a contacts record
- Role based permission controls to restrict and limit access to contact records
Ecanvasser eases the burden of actioning any subject right requests with the following embedded features:
- Rights in relation to automated decision making and profiling
- The right to be informed
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
That’s a lot of data subjects rights that you need to comply with. This can be daunting to manage especially with quite a short timescale for processing a subject access request.
3. Permission settings
Permission settings provide you with multiple access levels to a suite of features within the platform that lets you create a hierarchy of data access and controls. In distributed organizations or ones where there is a high volume of people needing limited access to your database these permission controls are essential for database security and activity tracking.
4. Privacy Notices
5. Subject Access Requests
SAR's can be difficult to manage but with Ecanvasser you can export a data subject's details instantly and you can delete a subject's data with the click of a button if they request it. Data audit and compliance requests are easily handled with instant recall of where and when data was collected in individual instances or in aggregate through data export. This ensures fast turnaround on data audits or in the case of a data breach.
6. Data anonymization
Data anonymization and archiving is now easily managed. Personal contact data can be anonymized within a few clicks through the powerful Data Anonymization mechanism ensuring you only maintain the data that is necessary at any one time.
You should anonymize your collected data when you no longer have a legal basis to retain personally identifiable data, such as after your campaign has ended.
Within Ecanvasser this involves removing all personally identifiable information from your database, including data that relates to community members, survey responses and any reported issues. In this process your campaign statistics will be collated and will be accessible in our Analytics tab.
7. Database segregation for distributed organizations
This means that you can have an entirely separate Ecanvasser dashboard and database for local chapters. These local instances connect through a HQ dashboard called Leader. This contains databases in silos, protecting local chapters from having access to each others' databases. The Leader account will have access to a parent database that contains everything in the local chapters.
We are extremely proud of leading the way in data protection technology for organizations who care about their citizen data. If you would like to learn more about Ecanvasser's data protection tools just click the link below.
8. Data protection officer contact details
Under the GDPR, certain organisations are required to appoint a designated Data Protection Officer (DPO). Organisations are also required to publish the details of their DPO and provide these details to their national supervisory authority.
The Data Controller determines the purposes for which and the means by which personal data is processed. The account owner is defaulted as the Data Controller.
An organisation is required to appoint a designated data protection officer where:
1. The processing is carried out by a public authority or body;
2. The core activities of the controller or the processor consist of processing operations, which require regular and systematic monitoring of data subjects on a large scale; or
3. The core activities of the controller or the processor consist of processing on a large scale of special categories of data or personal data relating to criminal convictions and offences.
We've provided you with a place to store the Data Protection Contact details, including the Data Controller and the Data Protection Officer.