Saltar a contenido

Data Protection

Español Português

Objective

This page helps Cafh care for the information entrusted to it. The main focus is member data kept for records, coordination, and service.

Why this matters

Even a small data set deserves respect. Member information is held in trust, and that trust asks for clarity, restraint, and good records. Simple practices around access, storage, export, backup, and vendor handling help Cafh care for people in a steady way. They also help the committee respond with consistency when questions or incidents arise.

Risks this page helps reduce

  • Unauthorized access
  • Excess data collection
  • Copy sprawl across personal tools
  • Weak backups or failed recovery
  • Poor vendor handling of member data
  • Harm to members if records are exposed or lost

Core rules

These rules give Cafh a simple privacy discipline. The goal is not a large legal program. The goal is to collect less, share less, and keep better records about what Cafh holds and why.

  • Keep only the data Cafh needs for membership and record keeping.
  • Grant access only to people with a clear work role.
  • Use approved systems and approved databases for that data.
  • Remove access at once after a role change or service end.
  • Keep one simple privacy register for member data, vendors, storage country, retention dates, and security notes.

Member database

The member database deserves steady care. It is one of the few places where personal data, daily operations, and trust meet in the same system. Weak ownership or weak records can create harm even if the technical platform is sound.

  • Keep a named owner for the database.
  • Keep a named vendor or technical contact for support.
  • Use strong passwords and multi-factor authentication.
  • Review access every 3 months.
  • Record exports, bulk updates, and schema changes.
  • Test backups and recovery steps on a defined schedule.

Personal devices and local copies

Most Cafh members use personal devices. That reality increases the risk of copy sprawl, loss, theft, and uneven protection. For that reason, Cafh should keep restricted data in approved systems and reduce local copies on personal devices.

For personal devices:

  • Store restricted data locally only for a short and clear task
  • Remove local copies after the task closes
  • Avoid personal sync folders for restricted data
  • Avoid family or shared user profiles for Cafh files
  • Record exports of member data and other sensitive files
  • Escalate any lost, stolen, or compromised device that held Cafh data

GDPR awareness for EU member data

For member records connected to people in the EU or EEA, the committee must treat the case as GDPR-sensitive. This review must happen even when Cafh or a vendor works outside the EU. The committee must record the purpose of the data use, the legal basis, the systems involved, and the vendors that receive the data.

For these records:

  • Give the member a clear privacy notice in plain language
  • Keep only the data needed for the stated purpose
  • Keep the data current
  • Set review or erasure dates
  • Record the storage country and transfer path

Rights of EU members

These rights are practical. They give members a path to ask what Cafh holds, how it is used, and how mistakes are corrected. The committee should treat each request with care and a written record.

Under GDPR, EU members may ask for:

  • Information about how their data is used
  • Access to their data
  • Correction of inaccurate data
  • Deletion in cases where the data no longer needs to be kept or was used unlawfully
  • Restriction of processing in specific cases
  • Portability where that right applies
  • Objection in specific cases

Procedure for EU privacy requests

A calm process protects both the member and the organization. It helps Cafh respond with accuracy and keeps the review from depending on memory or informal messages.

  1. Record the request date, the person, and the right requested.
  2. Confirm identity before any disclosure or change.
  3. Send the case to the committee the same day.
  4. Identify each system and vendor that holds the data.
  5. Reply without undue delay and target 1 month.
  6. Record the action taken, the date, and any data kept for legal or operational reasons.
  7. When Cafh cannot grant the full request, record the reason and provide the complaint path.

External providers

Many privacy failures begin outside the main database. They start in exports, support channels, backups, or third-party tools. That is why vendor review is part of data protection, not a separate concern.

Confirm these points for each vendor that handles Cafh data:

  • What data is collected
  • Where it is stored
  • Who can access it
  • How it can be exported or deleted
  • What happens at the end of the service agreement

For EU member data, the committee must confirm these points too:

  • Whether the vendor acts only on Cafh instructions
  • Whether the contract covers confidentiality, security, rights requests, and incident support
  • Whether data leaves the EEA
  • Which transfer basis supports that transfer, such as an adequacy decision or Standard Contractual Clauses
  • Which sub-processors may receive the data

Incident response

Potential data loss, unauthorized access, or accidental sharing should be escalated quickly. Fast reporting reduces harm and supports timely communication, containment, and follow-up.

For EU member data, treat loss, exposure, or unauthorized access as a GDPR case from the start. Record when Cafh became aware of the case. Assess risk to rights and freedoms at once. When that risk exists, prepare notice to the relevant authority within 72 hours from awareness. When the risk is high, prepare notice to affected people in clear language. Keep the incident record, vendor record, and follow-up fixes together.

Public and restricted data

The portal does not need a complex label system. It does need a clear line between open material and material that can affect members or internal work. That line helps members choose the right tool and the right channel.

  • Public website content is public data.
  • Member profiles, contact data, and internal records are restricted data.
  • The committee must review any new sharing of restricted data.

Other privacy laws to watch

GDPR is not the only rule that may matter. Cafh works across countries, languages, and service providers. That reality can bring more than one legal duty into the same case.

  • UK GDPR may matter for records tied to people in the United Kingdom.
  • Brazil's LGPD may matter for records, vendors, or operations linked to Brazil.
  • National rules on archives, tax, labor, and nonprofit records may affect retention and notices.
  • When two privacy rules point in different directions, use the stricter path until committee review is complete.