We worked with a large national charity that supports homeless people and reviewed their GDPR arrangements for a major event that they run each year. The event was a key part of their business, making a big contribution to fulfilling their charitable objects, driving income generation and raising awareness about the work done to help homeless people. It involved thousands of volunteers working across multiple sites.
Our work focused upon the business processes for the area with a specific emphasis on how the personal data that is used, sourced, created or shared in its delivery and management. Our outputs combined traditional reporting methods with visual and colourful process maps, so that areas for improvement could be quickly identified. This helped engage the senior managers of the charity and helped it ensure that it could meet its GDPR requirements. Specifically, we delivered: detailed maps of ‘data journeys’; updated and improved activity records that were GDPR compliant; and, a comprehensive risk register for the event.