As a collector and processor of data based in the European Union, FONASBA is required to comply with provisions of the General Data Protection Regulation (GDPR) (EU) 2016/679. FONASBA has therefore developed a series of policies to provide information about its actions in respect of the collection of personal and other data for use in connection with its legitimate business interests as an international membership organisation.
Those policies comprise a summary Data Collection and Processing Assessment and individual policies covering the main data collection and processing activities undertaken by the Federation at the end of April 2018. A policy setting out the actions to be taken in the event of a data breach has also been established. Each individual policy can be downloaded by clicking on the link in its title below.
A policy covering the collection and processing of data in respect of employees of FONASBA has also been developed.
These policies will be reviewed when there are changes in legislation, case law, good practice or when changes are deemed necessary as a consequence of their application.