I found this a useful link [1] along with the rest of that website. The GDPRs apply to businesses and also to non-profits such as clubs. As I understand it all organisations have to have a Privacy Policy and need to get explicit agreement from all those they hold personal data on in order to keep their data.
However I believe that any data that is required for 'contractual' reasons is not covered. When one sells anything there is an implicit (or explicit) contract so I assume (though I have no qualifications in this area) that customer data required for invoices and so on would not be covered. However if I were a business with customer data I would be asking my legal guy about this. Colin [1] https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/ On 10 April 2018 at 12:51, Mike Evans <mi...@saxicola.co.uk> wrote: > Is everyone aware of the impact of GDPR on their customers/vendors data > stored within GnuCash? I admit I've only just become aware of it and am > still puzzled as what I should do to be compliant. > > It seems I may have to either delete all my customer data or "repermission" > my existing customers and vendors in order to hold any data about them. I'm > not sure how GnuCash will behave if I delete customer data, given that I > can't do that via GnuCash and will have to "manually" edit my database (or > XML file in my case). I should probably file an enhancement request to add a > delete customer facility to GnuCash. > > It may be only applicable if you hold data for the purposes of mailing list > marketing. > > There may be issues if you backup or store your GnuCash data "in the cloud" > as this probably means moving data to servers based outside of the EU. In > which case it will have to be encrypted before transmission. I guess that > applies for server storage inside the EU too. Business users storing > unencrypted data in the "cloud" would fall foul of the regulations. > > There's a Wikipedia article at > https://en.wikipedia.org/wiki/General_Data_Protection_Regulation > > and there's https://www.eugdpr.org/ > > > Just a few discussion points. > Mike Evans > _______________________________________________ > gnucash-user mailing list > gnucash-user@gnucash.org > To update your subscription preferences or to unsubscribe: > https://lists.gnucash.org/mailman/listinfo/gnucash-user > If you are using Nabble or Gmane, please see > https://wiki.gnucash.org/wiki/Mailing_Lists for more information. > ----- > Please remember to CC this list on all your replies. > You can do this by using Reply-To-List or Reply-All. _______________________________________________ gnucash-user mailing list gnucash-user@gnucash.org To update your subscription preferences or to unsubscribe: https://lists.gnucash.org/mailman/listinfo/gnucash-user If you are using Nabble or Gmane, please see https://wiki.gnucash.org/wiki/Mailing_Lists for more information. ----- Please remember to CC this list on all your replies. You can do this by using Reply-To-List or Reply-All.
