Protecting the personal data of your team and community members.

We recommend you keep the date this was last updated here.

Intro to this toolkit

This step-by-step toolkit is self-guided and designed to:

Table of contents


1. Intro

<aside> 📺 Please check out this short video that explains GDPR in three minutes!


Data Privacy is a paradigm shift. In 1988, the UN defined privacy as a human right. Since then, the emergence of the digital world has accelerated the adoption of this concept, both socially and legally.

The General Data Protection Regulation (GDPR), implemented on 25 May 2018 in the EU, builds on and significantly updates decade-old data privacy laws. It can be considered the world's strongest set of data protection rules, which enhance how people can access information about them and place limits on what organisations can do with personal data. It has precipitated large-scale systemic change in how organisations work, how data is collected, where it resides, where it is transferred, and how it is used.

Since ChangemakerXchange is based, and has operations, in the EU, all our systems have data on people that fall under the scope of GDPR.

<aside> ⚠️ Non-compliance with the law can be reported by anyone, which can result in penalties of €20 million or 4% of the annual global turnover, whichever is greater.


2. Critical Terminology

This section defined the main terms you will come across in this GDPR toolkit. We know it is long, but it is essential that you are comfortable with these terms as we will use them frequently throughout this toolkit.

Need to know terms