Gdpr

rocky1996

we met today and another committee member advised the chat she had with an online ICO advisor said we had breached but it was low risk so we should therefore let all members know of the breach. Two answers same organisation it's a minefield. I personally think just adding what TBagpus suggested would be the best solution rather than all this reporting and advising all the members - to enable the group to communicate with the member and for members to communicate with each other 
- to identify the artist of works and allow potential buyers to contact the artist 
- to provide a list of members to other members
What's concerning is the ICO giving two different responses. Once again thank you everyone for your help and advice 

General_Grant

rocky1996 said:

we met today and another committee member advised the chat she had with an online ICO advisor said we had breached but it was low risk so we should therefore let all members know of the breach. Two answers same organisation it's a minefield. I personally think just adding what TBagpus suggested would be the best solution rather than all this reporting and advising all the members - to enable the group to communicate with the member and for members to communicate with each other 
- to identify the artist of works and allow potential buyers to contact the artist 
- to provide a list of members to other members
What's concerning is the ICO giving two different responses. Once again thank you everyone for your help and advice 

Personally, I think getting any "definitive" response is remarkable, getting two even more so.
I've only experienced the type of response of "you have to decide for your own organisation whether you are meeting legal obligations".