Skip to main content

Client's Platform Privacy Notice - Guidance & Process

Guidance
CrowdComms’ clients are data controllers of the personal data collected from individuals who attend or speak at events hosted on the CrowdComms platform. We call these individuals “Attendees”.

CrowdComms is a data processor of this personal data – we process this data on our platform on behalf of our clients.

Under UK data protection laws, data controllers must notify data subjects (in this case, the Attendees) of who they are, what they do with data subjects’ personal data and data subjects’ rights, for example, to request erasure of their personal data. Data controllers must provide this notification to data subjects at the time their personal data is collected from them.

We call the notice that data controllers must provide to data subjects a “Privacy Notice”.

To help our clients fulfil their notification obligations to Attendees we arrange for a pop-up box to appear when Attendees log into the event platform. This pop-up box contains wording about privacy and a link to a Privacy Notice.

All clients should have their own Privacy Notice which we can link to. However, we have created a Privacy Notice that our clients can use (a “Client’s Privacy Notice”) if they do not have a Privacy Notice of their own or if they would rather use our version.

Please note: clients use our Client’s Privacy Notice at their own risk. CrowdComms makes no representations, warranties or guarantees that the Client’s Privacy Notice is fit for purpose or that it complies with relevant data protection laws and, to the maximum extent permitted by law, CrowdComms disclaims and excludes any liability in respect of its contents. Clients should consider the contents of the Client’s Privacy Notice carefully to ensure that it is appropriate for them, make any necessary changes and take legal advice on its contents.

Process

  1. At the start of the project, ensure that the client is aware that they should be providing a privacy notice that is relevant to how they will be processing data for the event
  2. Within the CMS (Settings > Terms and Conditions) you can overwrite the generic privacy notice with the one provided by the client
  3. Ensure the Synopsis (pop-up text) is edited to ensure it is relevant to how the client will be processing the data
  4. If the client does not have a privacy notice and would like to use the generic one provided, they must ensure that they process the data as documented (or edit the generic version to maintain relevance)
  5. The client must state their name (section 2. Controller) and enter all contact details in the "Contact details" section along the date it was updated (Section 2, Changes to the privacy notice and your duty to inform us of any changes).
  6. Once completed the task can be checked off in Wrike as "Complete"
  7. The process above will also be incorporated into the final QC process

Please raise any questions with your manager.