Data protection responsibilities: Don't forget the basics
The Online Dating Association (ODA) is issuing a reminder to the sector of the need to understand the data protection responsibilities companies have in the countries in which they operate. A large part of the law in question is now at community level through the General Data Protection Regulation (GDPR) but earlier Directives were implemented through national regulations, albeit, hopefully in a consistent way. That means for example that the duties to register with national authorities are set out by individual member states with different procedures and charges – and different, but limited, exemptions.
Dating services with any commercial purpose are required to register. Users will have an understandable concern over how their data is managed and private information is protected.
The ODA has had a positive relationship with the UK Information Commissioner’s Office (ICO) and includes elements of their guidance on GDPR and other data protection issues within the ODA Standards and Guidance.
This reminder, particularly for those launching new apps and services, is recommending you take the time to understand what is required of you by the ICO in terms of registering and compliance with their regulations, and not put your business or trust in the sector at risk by omission. The ICO guidance can be found here.