All Commonplaces are GDPR compliant. On a project level, we achieve this through the following:
- The first time respondents contribute, we explain clearly which organisations are behind the Commonplace project and what their roles are.
- For any personal information that is shared, we clearly state which organisation can see this information and explain why it is relevant to the engagement and how this information may be used.
- All communication options are clearly defined and optional opt-ins. Project stakeholders can only contact respondents based on the consents that they have given. The granular communication options include:
- Commonplace news
- Responses to comments
- External newsletter
- Other communications that can be defined on a per Commonplace basis e.g. participation in future research.
- Being told about new Commonplaces in the area people live
- Replying to comments
- Sensitive information and its impact on downloads
- Commenting flow with project partners and communication consents
- Rights to manage data
On an organisational level we are committed to the same standards. Everyone receiving our industry newsletter has opted in and all our communications include an unsubscribe link in case one changes their mind.