No doubt you will have heard a lot about the General Data Protection Regulation. The Branch works hard to make sure we comply with GDPR, and if you are ever unsure of anything you can check with the Branch Office.
To make it simpler to understand how GDPR affects your role as a UNISON activist, we have condensed it down to some simple rules:
- Make sure anything with members’ details on is stored securely; and once you have finished with it, destroyed securely.
- Do not keep your own individual member lists as they may be out of date by the time they are used again. They may also clearly identify union members in the workplace and even where they work. The Branch Office can supply you with a list of members but this should be destroyed securely as soon as you are finished with it.
- If you are sending out a group email to your members, best practice is to ask the Branch Office to do this for you. However if you do send the email yourself, make sure you use the BCC field to hide the email addresses. You could also consider sending emails to all colleagues, which shows non-members what UNISON is doing and so could encourage them to join.
- Make sure you are using up-to-date UNISON forms, particularly joining forms, as these are GDPR compliant.
- Report any breaches of data protection, either verbal or written, immediately to: email@example.com. Please copy in the Branch Office (firstname.lastname@example.org).
Remember: UNISON membership is confidential and you should never tell anyone who your members are.