Disclaimer: the content below is provided for informational purposes only. The information shared here is not meant to serve as legal advice. You should work closely with legal and other professional counsel to determine exactly how the GDPR may or may not apply to you.
As you may know, all organisations working with EU citizens’ personal data should be GDPR-compliant starting 25th of May, 2018. There are many terrific articles written about GDPR (for example, by MailChimp, FullStory or Hubspot) which we recommend reading to get more details.
At Workshop Butler, we are working in two directions. First, we are improving the platform and our internal processes to make sure they are GDPR-compliant. Second, we are adding the features which help you to operate your business in a GDPR-compliant manner easily.
On this page, we’ll publish the GDPR-related updates between now and May 25.
Below, find a list of the features we’re adding to the platform in the nearest future. We started working on GDPR-related features a couple of months ago and it’s an ongoing process. We’ll continue building and releasing them on a regular basis during the next month. We plan to ship all features from the list before 25th of May.
As we support different types of clients (knowledge brands, trainers, training companies), not every feature below may be relevant to you.
There are two groups of people you can add to Workshop Butler: workshop attendees and trainers. You need to have a legal reason to use their personal data. You also need the ability to track the reason in case a person requests to see and verify the lawfulness of processing.
| Workshop Attendees | As a trainer or training company, you get a legal reason to process the personal data of attendees when they register for workshops. | In Workshop Butler, you can check any time what workshop a person participated in. Currently Available |
| For a knowledge brand, you get a legal reason to process the data when a person participates in a paid and/or free brand workshop. | Right now, the personal data of all registered attendees available to brand coordinators. We will change this so brand coordinators can see only personal data of attendees, participated in confirmed events. In Progress |
|
| Trainers | The process of becoming a licensed trainer or an employee of a training company is much more complicated than subscribing to a mailing list. The signed contract or licensed agreement gives you a legal reason to process their data. | As a brand coordinator, you can set a signed date of a contract/licensed agreement while adding a new trainer. You can also setup an automated license prolongation process. To give you more clarity, we’re adding a history of license prolongation with the accepted terms. In Progress For training companies, it’s up to you to track signed contracts with trainers. |
Under the GDPR, you may need to get an explicit consent form EU citizens regarding the data capture and how you plan to use it. As mentioned above, you should get a consent from trainers while signing a contract or license agreement with them if you’re a training company or a knowledge brand. This process is out of the scope of Workshop Butler.
It’s different for workshop attendees. There are three major points to consider:
We are adding two additional properties to attendees.
|
|
| API | The values of the properties should be passed to API on the registration of attendee Currently Available |
| Built-in registration pages | In Workshop Butler, it’s possible to customise registration forms. You can already add additional fields, including checkboxes. We’re adding a special type of checkbox representing the new properties. As for now, you will be able to add a description in HTML format for these checkboxes, giving links to your privacy policy and describing how the data will be used. Currently Available |
| Manual addition of attendees | There will be the checkboxes on the attendee form and the import form Currently Available |
| Other changes | Right now we support 2-steps evaluation process. On the first step, attendees fill in their evaluation, on the second one they provide their personal data. It’s not possible to change what information you collect in the second step. We’re changing the process completely by removing the second step. The evaluation process will look this way:
In Progress |
When workshop attendees register for a workshop, they signed up for a series of automatic and/or manual emails Workshop Butler and you send them before and after the workshop through the platform.
| Unsubscribe link | We’re adding an unsubscribe link to all emails sent from our system to workshop attendees. By clicking on the link, the attendees can unsubscribe from further automatic messages from Workshop Butler, related to the given workshop. Unsubscribed attendees will be marked so you won’t send them a manual email by mistake. In Progress |
Under the GDPR, you must collect only the data that is needed for providing a service.
| Trainers | You can customise registration form by adding or removing the fields you don’t need. Currently Available |
| Training Companies | We’re working on allowing you to customise registration forms as well, in a similar manner that trainer can do. Currently Available |
| Knowledge Brands | Right now, knowledge brands set limitations to what fields should be present on workshop registration forms. These fields include first and last name, email, address and role. Trainers cannot remove the optional one like the address or role from the forms. We’re removing these limitations, keeping only three required fields on any registration form: first name, last name and email. Other fields will be optional and can be added/hidden by trainers. Currently Available We’re hiding any personal data except first and last names, and email from brand coordinators as it’s not required for providing a service (sending a certificate, sending marketing emails, etc). In Progress |
Under the GDPR, people have a right to be forgotten meaning that you should delete their personal data completely from your databases on their request (with some exceptions).
| Workshop Attendees | As a trainer or a company manager, you can delete any contact you have. The removal destroys all personal data, event participation history, and sent emails. Currently Available |
| As a brand coordinator, you’ll be able to delete any contact you have. The removal destroys all personal data, event participation history and certificates. In Progress |
|
| Trainers | We’re adding a new functionality which allows you to delete the profile of trainers completely, including their events history, attendees, license history and etc. In Progress |
Under the GDPR, your users may contact you to request to access information that you hold on them.
| Workshop Attendees | Contact profile contains all information about a person, including personal data, participated events, evaluations and certificates. This helps you to construct a response to your users. Currently Available |
| Trainers | Trainer profile contains a plenty of data about a trainer, including personal data, billing info, license history, ratings, and etc. You can easily find the event the trainer ran. These all should help you creating a response to your users. Currently Available |
Under the GDPR, a user can request you to update the personal data if it’s not valid.
| Workshop Attendees | As a trainer or a company manager, you can modify any contact you have. Currently Available |
| As a brand coordinator, you’ll be able to modify any contact you have. In Progress |
|
| Trainers | Trainers or company managers can modify their personal data or the data of trainers of their companies.
Due to the complexity of some use cases, brand coordinators cannot edit the profiles of trainers. However, they can reach our support team any time to request a manual change of their users. Currently Available |
If you think we miss something or have a question, write to us on [email protected]