When we use software or an application to manage a community of owners, we often forget about a very important issue regarding the privacy of the data of those who use said application. In the end, a community is made up of people who reside habitually or sporadically in the same place and therefore have legislation that protects the use of their personal data to Maintaining Neighbors’ Privacy in said environment.
That is to say, we cannot use and much less distribute the personal data of each resident of the Community while any computer application is use for the management of the same. At least we cannot do so without their consent and without complying with certain requirements and obligations regarding the treatment of said data. The example is recurrent, but any personal data of a resident is something private that must be protect and not exposed without at least the approval of the owner of the same. And in the environment of the Communities of neighbors there are quite protecte personal data that must be treat with great care, such as contact data, or the economic data of the different owners.
Currently, personal data is protect by different governmental laws that exist in different countries. In our case, in Spain the protection of personal data is regulate by Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights (LOPD), while in the European Union there is Regulation 2016/679 on the protection of natural persons with regard to the processing of their personal data. In addition, in Spain, as in other countries, there is the Spanish Data Protection Agency , which is the body responsible for ensuring compliance with said regulations.
What requirements must the Community Management application meet?
According to the laws described above, the software that manages or is used to manage any aspect of a Community of Neighbors, and therefore a group of people, must meet certain requirements for its correct use:
- You must have a public Privacy Policy , with the content established in the regulations, which allows people to know who is responsible for the processing of their data, what data is processed exactly, for what purpose, what transfers exist and how they can exercise their rights over said data.
- A Data Protection Contract must be establish overseas chinese in usa data between the company that provides the service and the Community of Neighbors, in which multiple issues are defined, such as the following:
- Identification of the data controllers and their role in accordance with the regulations. Also, whether there are sub-processors, such as external IT service companies.
- Validity and scope of the contract, which must normally take effect while the service is provided.
- Types of data to be process, in accordance with the typology and classification also established by the regulations.
- Security measures established for the correct maintenance of data.
- Data processing processes, such as obligations of the parties, transfers, export and deletion of data.
What personal data may be processed in the Community application?
There are three types of personal data, which are the following:
- Basic personal data: name, surname, address, telephone number, NIF, etc.
- Sensitive personal data: those that may pose a risk to fundamental rights or freedoms.
- Indicators: those that could allow a person to be identify, such as their IP address, fingerprint, etc.
All these types of data are classified telegram service payment methods according to the regulations in different categories depending on the risk of their processing and the obligations to be fulfill for their processing:
- General data: data not included in the special data category. For example, name, surname, address, finances, debts, qualifications, etc.
- Special data: reveals information with a significant impact on the fundamental rights of the individual. For example, data on ethnic or cultural origin, political, religious or philosophical opinions, sexual orientation, trade union membership, genetic or biometric data.
- Criminal data: these are not special data but require specific rules and safeguards due to the risk they pose to individuals.
Obviously, only general data is process in our Community management application . In other words, processing special or criminal data is outside the management needs of any Community and could put people’s fundamental freedoms at risk. For this reason, the Data Processing Contract must indicate that these special personal data must not be process or fall within the scope of said contract, and therefore, of the service provide by the Community management application.
What measures do we use to ensure the protection of personal data?
From the beginning of the development clean emai of our application for Communities, the protection of personal data and compliance with its legislation have been present. Proof of this are the following measures that we use and that always tend to ensure a correct use of the personal data of the neighbors:
- Although it is not mandatory by law, we have always tried to minimize the use of personal data in our app for Communities. For this reason, our app only requires two pieces of personal data for use by residents: the residence in the Community and the email address. Even the name and surname of the resident, although it is usually use to identify people internally, is not mandatory to add in order to use our application and can be freely modify by any resident. Of course, we do not need other personal data such as the telephone number or the NIF that are usually mandatory in other applications.
We try not to publish personal data if it is not strictly necessary .
That is, in our app we only show one of the data that could identify people, such as the home where they live in the Community. Only that data, we never share the email nor is it possible to send messages to your email address because it is simply not possible to know it. The email address is only use as part of the access credentials of each neighbor to the app. Any sending of an email to your email address must be previously approve by the neighbor and cannot be do directly from another neighbor.
The name of the home is a piece of information that is commonly use in Homeowners’ Communities since the property is the classification method of any Community, and therefore it is the data that is use when making reservations for common areas, paying bills, late payments and even voting in assemblies. That is, we decide to use the data of the home because it is a piece of information that does not fully identify a person, and it is also the data that is commonly use in all Communities as an organizational unit.
Compliance with all information security
Standards at a technological level . We have also taken information security into account as a basis for the development of our application. In this way, we have used technology and functionalities that allow us to ensure the access and integrity of the personal information existing in our computer systems. This also includes the use of external hosting companies for these computer services that have information security measures in place.
In summary, you will notice that we are generally quite strict with the use and treatment of personal data within our app. We have used and will continue to use techniques that allow us to maximize its security, while minimizing risks. We believe that computer applications such as our app should take into account improving the lives of residents without impacting their privacy, or at least with the least possible impact.
