The EU General Data Protection Regulation (GDPR) came into effect on May 25, 2018. Loomio is GDPR compliant.
How does the GDPR affect Loomio group owners?
If you have any EU personal data (such as names, email addresses, ID numbers) in your Loomio group, you are a Controller of personal data under the GDPR.
Loomio Co-operative Limited is a data processor
Processing EU personal data must be governed by a GDPR-compliant contract.
We provide a standard Data Processing Addendum (DPA) to extend GDPR privacy principles, rights, and obligations everywhere personal data is processed.
Third party data processors
Loomio uses third party subprocessors such as cloud computing services to provide our services.
We enter into GDPR-compliant data processing agreements with each party. Data subprocessors used by Loomio
What rights do EU-based Loomio users have under the GDPR?
Under the GDPR, EU-based Loomio users have:
- The right to be informed.
- The right to access and correct your data.
- The right to transfer your data to another service. (Loomio is open source software and you can host your data yourself)
- The right to restrict processing.
- The right to erasure.
- The right to object. Please contact us immediately if you are concerned about how we’re processing personal data.
Data Protection Officer
Loomio has appointed Robert Guthrie as the DPO for Loomio Cooperative. Enquiries can be sent to firstname.lastname@example.org.