GDPR Specific non-standard CF platform managers

GDPR Legal Regulation                                            GDPR standard platforms CommunityForge 

Specific treatment of non-standard CF platforms 
(managers user 1 or hosted on other servers than those rented by CF)

This is the type of data storage

"in the case of CF it is the registration of sql databases, for exchange platforms"

Purpose of non-standard platform processing

Data storage must be performed on servers corresponding to the GDPR Complain criteria and in a secure data centre based in Europe.

If hosted on CommunityForge servers (CommunityForge Guaranteed via Gandi GDPR Complain)

Responsibility for hosting on other servers is entirely the responsibility of the site managers.

Basis of processing platforms

Management of exchange platforms and users thereof.

Functional data category on non-standard platforms

Variable depending on use by CommunityForge non-standard platform managers

(Standard)

E-mail address (Accessible only to managers)

Name (Accessible to members and managers)     

First name (Accessible to members and managers)

Address (Accessible to members and managers)

Number (Accessible to members and managers)

Postal Code (Accessible to members and managers)

City (Accessible to members and managers)

Telephone number (Accessible to members and managers)

Category of persons concerned standard platforms

User one

Local Admin

Members Committees

...

Retention period

Until the platform is destroyed

With the agreement of the member.

Data category

Member cards and platform managers

Category(ies) of recipients third country/international organisation

According to the platform managers

Non-standard platform documents

(standard) Private secure space with the possibility of creating public documents if necessary under the responsibility of the administrators

Appropriate safeguards

If stored on servers by CommunityForge, secure servers, secure database and guaranteed GDPR hosting

If stored at another hosting provider, it falls under the full responsibility of the platform managers.

Description of security measures

If stored on servers by CommunityForge, guaranteed hosting GDPR Complain

DDOS protection cloudflare adjacent with 1024 bit SSL protection

Servers with 7 layers of 1024-bit protection

Linux script protections

Systemic backups 9 phases /24/9

Added backups security in GDPRComplain backup servers

Data extractions carried out for dissemination purposes, whatever the method, are the responsibility of the administrators who must make declarations to the members and to the bodies concerned.

Any type of files distributed in public and containing private data are prohibited

--------------------------------------------------

If stored at another hosting provider, it falls under the full responsibility of the platform managers.

Data extractions carried out for dissemination purposes, whatever the method, are the responsibility of the administrators who must make declarations to the members and to the bodies concerned.

Informations about concerned persons

User One

Local Admin

Member Committees

.....

Procedure for exercising rights.

Systemic Generation by Cron Procedures

Or Backup and Migrate procedure.

*************************************************************************************************************

For info:

For Google: Google drive assigned to an owner domiciled in Europe: GDPR Complain server storage.

For Google dropbox (pro) paid version assigned to an owner domiciled in Europe: GDPR Complain server storage.

For Google dropbox (free) free assigned to an owner domiciled in Europe: server storage not guaranteed GDPR.

For Google mail: assigned to an owner domiciled in Europe: GDPR Complain server storage.

For Microsoft all services except "cloud" services assigned to an owner domiciled in Europe:  storage server GDPR Complain.

Warning: if in your parameters you indicate to live in Australia, Switzerland or...you will be in violation of the rules of the GDPR because the services and tools which will be attached to it (dropbox pro,...) will not be in conformity with safety regulations GDPR.

For Yahoo all services assigned to an owner domiciled in Europe or not: server storage GDPR Complain not guaranteed.

Framasoft: GDPR service not guaranteed