Data Processor: Summary of Duties
All Branch Officers will be regarded as Data Processors. A Data Processor is responsible for processing personal data and responsible to the Data Controller (Regional Officer).
As a Data Processor under the GDPR (General Data Protection Regulation) you have specific legal obligations; for example, you are required to maintain records of personal data and processing activities. You will have legal liability to inform your Data Controller if you are responsible for a breach.
What you need to do:
- Branch Officers should request a copy of their membership list via branch@ukip.org as and when required.
- Membership Lists will include extra columns showing the members who have given their consent to receive information under the following categories:
- Conferences, Events or Promotions
- Fundraising, Appeals or Raffles
- Newsletters and Magazines
- Party Updates and Policies
- Members will also have given their preferred contact method:
- Letter (Mail)
- Email or
- Telephone (Call)
- When sending out a Branch Communication you must ensure that you record the legal justification (compliant with the Member's preferences) together with the subject and date of the communication. A spreadsheet (Communication Log) is attached to help you.
- Communication logs must be sent to your Data Controller at the end of each month.
- If you make a mistake or receive a complaint you MUST report this to your Data Controller (Regional Officer or Regional Chairman) within 48 hours.
on behalf of the UK Independence Party (UKIP) both at Henleaze Business Centre, 13 Harbury Road , Henleaze, Bristol, BS9 4PN