This section covers the main points of data protection: GDPR compliance, responsible data storing processing and sharing, EspoCRM version control and best practices for protecting your data.
GDPR Compliance¶
Both the NLRC and EspoCRM adhere to the European General Data Protection Regulation (GDPR). In case National Society maintains its own EspoCRM instance, NS is a data processor. Read more information about data processor.
The National Society is also a data controller and is therefore responsible for any data entered into the system. Your partners should therefore be informed and in compliance with their data protection legislation.
NS must decide how long project data can be stored in the system and how it will be deleted or anonymized after the program is closed. Regular Data Protection Impact Assessment reviewing is recommended.
Data collected with third party tool Third party handle the data storage. For instance, data collected with KOBO tool will be stored on KOBO servers and fall under their data protection policy. Kindly note this is separate from EspoCRM data process.