Launch22 Terms and Conditions GDPR
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. The key articles of the GDPR, as well as information on its business impact, can be found throughout this site.
1. Data Portability
GDPR introduces data portability - the right for a data subject to receive the personal data concerning them, which they have previously provided in a 'commonly use and machine readable format' and have the right to transmit that data to another controller. Launch22 reserves the right to take up to 1 week to collate all data relevant to a data subject from when the official request is put through
2. Right to be forgotten
Also known as Data Erasure, the right to be forgotten entitles the data subject to have the data controller (Launch22) erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. The conditions for erasure, as outlined in article 17, include the data no longer being relevant to original purposes for processing, or a data subjects withdrawing consent. It should also be noted that this right requires controllers to compare the subjects' rights to "the public interest in the availability of the data" when considering such requests.
3. Privacy by Design
Privacy by design although a concept that has existed for years now, is now a legal requirement per GDPR. Privacy by design calls for the inclusion of data protection from the onset of the designing of systems, rather than having to rectify the database at a later date. Launch22 will therefore “implement appropriate technical and organisational measures…in an effective way... in order to meet the requirements of this Regulation and protect the rights of data subjects”. In compliance with Article 23 Launch22 will only hold and process the data absolutely necessary for the completion of its duties as well as limiting the access to personal data to those needing to act out the processing.
4. Breach Notification
Should Launch22 find themselves in breach of any data protection, that may “result in a risk for the rights and freedoms of individuals”, within 72 hours of being notified they will be required to notify the customers and comply with the removal of any data in question “without undue delay”.
5. Photography and Videography
Launch22 users will have the right to request, per the aforementioned Right to be forgotten, for Launch22 to delete any and all footage/media content pertaining to the individual in question. Launch22 does however reserve the right to comply to this request for up to a week after the request has been officially put through.
6. Putting through a formal request for data retraction
In order to retract data from the Launch22 database or activate clauses 1. and 2. data subjects must put through a formal request by emailing firstname.lastname@example.org with a formal request specifying in accordance to which clause data should be retrieved or handled.
Launch22 operates newsletters through a third party, MailChimp. These campaigns which are run, will be used solely to notify members of upcoming events that will be useful or benefit the member