Hi Patrick, Perhaps there was some misunderstanding. You are a Trustee. That us correct. But how many openSUSE Members requesting teavel support know about the way, that Doug is transferring their data to the bank account in UK via the Geeko Foundation? That is the point, where the GDPR requires a hint in the TSP tool equal to that for the agreementby our openSUSE Members: I agree, that my data can be processed by the Geeko Foundation in UK via bank xy for the money transfer.
Sarah, very good point - initially I will get Doug to include
this kind of phrasing when conversing with applicants.
Such money transfer is not allowed without any agreement of the users. You have to list all participating instances. And that is the point, where you should involve a volunteering Lawyer from my point of view. Best regards, Sarah
Re a lawyer, we intend to do just that - to review what we do
above.
Thanks for the positivity too!
Gesendet: Montag, den 12.08.2024 um 17:14 Uhr Von: "Patrick Fitzgerald" <patrickf@i-layer.com> An: project@lists.opensuse.org Betreff: Re: Status of the foundation? On 12/08/2024 16:51, Richard Brown wrote:How are we handling the data protection and GDPR issues of this arrangement?The individual data is not transferred if someone generates a generalized report with the TSP application and shares it with the community... HenneIf the money is coming from the Geeko Foundations bank account there has to be a transfer of an individuals personal information from SUSE Group to the Geeko Foundationsee my other emailElse the Geeko Foundation would have no payment details to send the money to someone The terms and conditions of such transfer of sensitive personal info needs to be documented somewhere. I’d expect if not details about retention times at least documentation about how to request data removal under the GDPR.see my other emailI certainly wouldn’t be comfortable with the idea of sharing my bank details with SUSE just for them to give them to a UK registered company (not a charity yet..) without such documentation.It's a Not For Profit. Which means, no profit. Get it?Especially when that UK company has apparently incomplete public filings suggesting a governance model which seems to be something between “the three trustees can do whatever they want with the Foundations money” and “Patrick has complete control” depending on which documentation is read.*All* Not-for-profits and Charities the trustees control the money. that is why they are called *trustees*. What is your point? And are you suggesting that the trustees, or myself ("depending on which documentation is read") are untrustworthy? And BTW, I am meeting with my accountants for fix that documentation "error" - as to the control thing. Should be updated by Thursday morning.I’m also not comfortable with technically contributing to any TSP tooling changes while the processes around the data is potentially unclear.I wasn't aware that you were willing to contribute in any way. Imagine for a moment what could have been achieved if you were however: we'd policies completed by now, and posted, and any this sniping never would have happened. I repeat, *help wanted*. Apply here. /p
-- <br/> <b>Patrick Fitzgerald</b> <h3>i-Layer Limited</h3> <hr/> All Support queries to: isupport@i-layer.com