====== Data protection ======
In the D-A-CH region, two legal provisions must be observed in the context of data protection. The EU General Data Protection Regulation (GDPR), which came into force on 25 May 2018, applies to Germany and Austria, while the new, completely revised Data Protection Act (revDSG), which comes into force on 1 September 2023, applies to Switzerland.

__Please note:__ **PC CADDIE cannot and may not offer legal advice of any kind.** The respective legal entities - i.e. golf clubs, golf courses, etc. - are responsible for the correct implementation of the legal requirements. We recommend that you seek advice from an appropriate specialist lawyer or an authorised and qualified person.

===== EU General Data Protection Regulation =====
Legal text in full length: [[http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri<ignore>=CELEX:32016R0679&from=DE</ignore>]]

Legal text as synopsis: [[https://www.datenschutz-grundverordnung.eu/wp-content/uploads/2016/02/baylda_synopse.pdf]]

===== New Swiss Data Protection Act (revDSG) =====
Text of the law in full length: [[https://www.edoeb.admin.ch/edoeb/de/home/datenschutz/grundlagen/ndsg.html]]

Synopsis of the legal text: [[https://www.kmu.admin.ch/kmu/de/home/fakten-trends/digitalisierung/datenschutz/neues-datenschutzgesetz-rev-dsg.html]]

===== Resources from PC CADDIE =====

Special contexts for data protection in PC CADDIE can be found at [[de:personen:datenschutz:datenschutzmodule]] .

A file with the most important procedures for deleting and pseudonymising data can be found here as a PDF, e.g. for submission to your data protection officer: {{ de:personen:datenschutz:pccaddie_pseudonymisierung_und_loeschung_von_personendaten_v5.pdf |Deletion&Pseudonymisation}}.

===== This changes with these laws =====

  * Reversal of the burden of proof: if the customer is of the opinion that the club is not handling the data correctly, then a club must prove that it has worked properly within the EU from 25 May 2018 and within Switzerland from 1 September 2023. 
  * Obligation to provide information: the customer has the right to receive a COMPLETE overview of the data stored about them. The deadline for providing such information is 30 days from the WRITTEN request for information. 
  * Right to erasure/pseudonymisation: The customer can request that their data be erased. The deletion must be logged. They can also request that their name be pseudonymised so that it no longer appears on start lists/results lists and similar (this function is only local!). 

===== This must be prepared in the club =====

==== General ====
 
  * Ideally: Discuss the requirements in the club with a specialised lawyer.
  * In the European Union: Appoint a contact person or external data protection officer (Caution! This has legal consequences). In Switzerland, such a designation is still optional.
  * Create a register of procedures for all processing of personal data in the club (sample via DGV service portal: https://serviceportal.dgv-intranet.de/clubintern/recht-versicherung/recht-steuern/a-z.cfm). In Switzerland, this applies in the same way, but is referred to as a "directory of processing activities". 
  * Inform members, obtain consent if necessary.
  * Clean password management for your employees (it makes sense to have only one or two employees with real supervisor rights; for all others, appropriate authorisations must be given for their functions).


==== Especially in PC CADDIE ====

  * In general: sign the contract for order data processing (ADV contract for short) quickly and send it to PC CADDIE. Why? **Because otherwise we are no longer allowed to provide support.** 
  * Fill in the contact form with your contact person and send it to us. Why? So that we have a contact person in your club in the future. Because there will certainly continue to be a need for information on this topic. 
  * Use the PC CADDIE data protection functions according to the requirements in order to fulfil the EU-DSGVO/revDSG (The latest update can be downloaded under menu item "End/PC CADDIE update").

Two points are important in the future: \\
**A)** Documentation of the stored data,\\
**B)** Deletion/pseudonymisation of the data with the corresponding documentation. 

===== The new PC CADDIE data protection functions =====

**Please note from the outset** \\
ALL ACTIONS OF DELETION AND PSEUDONYMISATION ARE **IRREVERSIBLE**! Because that is the purpose of the respective data protection laws!\\
Please consider in advance what makes sense. Advise your customers well, consult with your data protection officer and try to find out what the concern actually is. 

==== In the personal data of guests and members ====

In the personal data, tab //"Characteristics" tab// there is a new button **"Data protection**":

{{de:sonstigefunktion:datenschutz:2018-05-17_08h00_37.jpg?|}}

Click on this button to see all the options relevant to the customer in a new window.

Here you can store the data on when a customer has expressed which request in relation to data protection. 

{{de:sonstigefunktion:datenschutz:2018-06-18_16h37_20.png?|}}

This is the basic setting for the authorisations/objections/mail use/deletion/pseudonymisation stored for this customer. 

The top two date fields are self-explanatory. This means that you would normally fill in the upper date field for new members, for example, if the use of the data is authorised in the admission form. It is best to discuss internally with your data protection officer how you have dealt with the consent of members/customers so far, e.g. whether you want to add everything later. 

The date field **Objection** is filled in if the customer objects to the further use of the data. **Please note, however, that you can no longer manage the customer as soon as they object.** For example, if guests who play on a green fee basis object to the use of their data, they can no longer be loaded into a tournament, booked into start times or used in any other way. For users without supervisor rights, the customer's data record disappears; it can no longer be selected. This is only possible for users with supervisor rights, who can reactivate these customers in a special setting. 

It is therefore important to carefully consider what the customer wants and to find the optimum solution together with them. 

{{de:sonstigefunktion:datenschutz:einwilligung_widersprochen.png?|}}

Before carrying out this action, however, you will be asked once again whether you really want to do this: 

{{de:sonstigefunktion:datenschutz:widerspruch.png?|}}

You can recognise a contradiction by this alarm signal: 

{{de:sonstigefunktion:datenschutz:sperrung2.png?|}}

If you then carry out another action, e.g. call up another data record, etc., the next time you try to dial the person who has objected to the use of data, no result will be displayed. 
==== Blocking the data ====

It gets tricky with "Blocking data": the date field is automatically filled if you select an action other than Normal from the drop-down menu: 

{{de:sonstigefunktion:datenschutz:sperrung.png?|}}

  * **Access for supervisors only**: here, the person working with administrator rights has the option of activating data for the purposes of statistics or financial data retention. The customer can no longer be found by all other employees with other authorisations. 
  * **Processing blocked**If this is clicked, the customer is no longer visible or accessible to ANYONE after the final click on OK. He is actually gone. **NB: Even PC CADDIE can no longer retrieve it.** You will then have to re-enter the data!
 
==== Newsletter/e-mail dispatch ====

The options are controlled here. The default setting is "neutral". We take a closer look at what this means under the [[http://doku.pccaddie.com/doku.php?id<ignore>=de:sonstigefunktion:datenschutz:datenschutz&s[]=datenschutz#spezielle_supervisor-rechte|</ignore>Supervisor-Funktionen]] section. 

{{de:personen:datenschutz:privacy_newsletter_2024.png?600|}}

Here you can specify whether or not a customer agrees to the use of their email address. If, for example, this email address is not to be used for a newsletter but is to be used for invoices, select //**Newsletter receipt objected to**// from. \\  
:!: This blocks the sending of any emails to this address for advertising purposes and thus acts like the filter **NONEWS**filter, which you can use in the [[en:personen:supermailer:supermailer|Supermailer]] to suppress the unauthorised sending of advertising emails to recipients who have objected to receiving newsletters, while the email address can still be used for sending invoices.

With this setting, you can also ensure that customers who have generally objected to the use of their email address do not receive any unauthorised emails, even if they select the wrong mailing list. **//Usage generally objected to//** places this e-mail address on the block list and it is completely blocked.   

Our default setting after loading the latest update is that you cannot send any mails for the time being. This is to prevent customers from receiving unauthorised advertising emails from you. You can use the supervisor settings to define how customer data should be handled with regard to emails. 

=== Create special mailing list categories ===

You can also store preferences for specific distribution groups in the newsletter. You can use the ones we suggest, but you can also create your own groups. This means, for example, that team players who would not otherwise like to receive a newsletter can still be included in a distribution list for special news relating to the team.  

{{de:sonstigefunktion:datenschutz:2018-05-25_19h23_03.png?|}}

{{de:sonstigefunktion:datenschutz:2018-05-25_19h23_14.png?|}}

==== Create lists of people with query of data protection features ====

== E-mail use/photo use ==

Proceed as for creating a normal list of persons and then create a new filter, e.g. "Email use" or similar. Then select the "Email group" field and filter according to the following criteria: 

  * **OK** Agreed for use,
  * **!OK** or **DISAGREED** for use not authorised,
  * **NEUTRAL** for neutral setting.

{{de:sonstigefunktion:datenschutz:email-verwendung.png?|}}

{{de:sonstigefunktion:datenschutz:bildverwendung.png?|}}

== General data protection status ==

Here, too, there is a query in the person lists for which you can save a filter (e.g. data protection status):

{{de:sonstigefunktion:datenschutz:datenschutz-status.png?|}}

The query runs via the following parameters: 

  * N (=Normal),
  * S (=Supervisor),
  * L (=Locked =locked).

==== List of persons; who has or has not yet consented to the GDPR? Logical filter ====

List of members who have NOTHING in the data protection consent date? 

Members WITHOUT consent date

<code>
EMPTY(golfmitg->MITGPRIV)
</code>

{{en:personen:datenschutz:logischer_filter_ohne.png?|}}

Members, WITH consent date 

<code>
STOD(golfmitg->MITGPRIV) > STOD("19900101")
</code>



{{en:personen:datenschutz:logischer_filter_mit.png?|}}

==== List of persons; who has or has not consented to the use of e-mail? Logical filter ====

The filters are created as described above.

<code>
SUBSTR(golfmitg->(xFieldGet("mitgpriv", "")), 26,1)=="A"  -  nur Personen mit "Mailverwendung zugestimmt"

SUBSTR(golfmitg->(xFieldGet("mitgpriv", "")), 26,1)=="M"  -  nur Personen mit "Mailverwendung widersprochen"
</code>
==== Consent to the use of photos ====

Here, too, we have programmed a separate field in which this information can be stored.

{{de:sonstigefunktion:datenschutz:2018-06-18_12h46_17.png?|}}

But please note: this field is purely informative and is not linked to any functionality relating to images!

The query of persons for this field works as described above. 

==== Note field ====

It is also important to enter the dates when the customer expressed the wish for data protection and your personal notes on this. 


==== Nickname ====

In this field you can enter a nickname ("artist name") for a customer if he/she wishes. But ATTENTION: this nickname will only appear in local lists. It is not transported to the DGV intranet. So if the customer plays at another club or competes in an association competition, his/her real name will always appear in the lists. 


==== Printout/export of data ====

Furthermore, here are the buttons with which you can print out the summary of the customer's data if desired and also save it - ideally on a USB stick of the customer.

{{de:sonstigefunktion:datenschutz:ausdruck.png?|}} 

{{de:sonstigefunktion:datenschutz:2018-06-18_14h28_21.png?|}}

Here you must decide for yourself which account areas you want to export/print. By default, NONE is ticked, i.e. you can choose whether you want to include only one, several or all account areas. This decision must be made in the Club. You can also choose the type of data to be output: really everything, just the number or just the account areas. 

//**TIP** Have the request for a printout of all data made IN WRITING and always hand over the data collection to the customer PERSONALLY (if necessary on presentation of an identity card if there is any doubt about identity)!//

==== Pseudonymisation ====

By clicking on this field, you can carry out a final pseudonymisation at the customer's request. But beware: you will then no longer be able to find or edit the customer!

{{de:sonstigefunktion:datenschutz:ds13b.png?|}}

You will be asked again before you finally carry out the action. 

{{de:sonstigefunktion:datenschutz:ds14b.png?|}}



===== Special supervisor rights =====

For this reason, we have built in some functions for "Supervisors" to be able to reactivate the data, at least for statistics and fiscal checks. And this is how you get there (note: this menu item is ONLY visible to supervisors): 

{{de:sonstigefunktion:datenschutz:2018-05-17_08h02_00.jpg|}}

Click on the menu item to open the following window: 

{{de:personen:datenschutz:privacy_konfig.png|}}

==== Supervisor rights regarding e-mail dispatch ====

As a supervisor, you can set here how e-mail addresses should normally be handled. 

{{de:personen:datenschutz:privacy_email.png|}}


  * **Standard**No dispatch to people who have not explicitly agreed to receive advertising mails --> no mail goes out, no mailing list is generated for the supermailer. 
  * **Permanent setting, variant 1**: Mails only go to people who have explicitly agreed to receive them or to members (if you have regulated the receipt e.g. by statutes)
  * **Permanent setting, variant 2**: Mails are sent to everyone who has not ticked a red cross in the customer mask under Mail reception //**do not have a red cross**// tick in the customer mask. 

If you select these variants, the system remembers the selection. With the following two options, the action is only temporary.

  * **Temporary, variant 1 and 2**Permanent setting, variants 1 and 2: it is up to the club to decide how to handle this. 
  * **Temporary, variant 3**: Dispatch really to **all** (e.g. annual accounts or invitation to the general meeting, if legally secured). 


==== Remove COVID status info from all contacts ====

{{de:personen:datenschutz:privacy_covid.png|}}

Click on the button to open the following security enquiry:

{{de:personen:datenschutz:privacy_sicherheitsabfrage.png|}}

All statements that are in favour of the process must be ticked. The four possible answers vary.

:!: IMPORTANT :!:
  * This function also switches off the transmission of Covid information from the app to your local PC CADDIE. 
  * Please note that this function can only delete the Covid information officially programmed in PC CADDIE. If you have saved the Covid status independently of this in a self-defined additional information, this information must be deleted individually. However, this can also be done in one go for all contacts - details can be found here [[en:einstellungen:programmeinstellungen:zusatzinfos#belegungen_tauschen_oder_loeschen|]]
  * This information is not a call to delete your data - the decision to delete is the responsibility of each golf course in consultation with your responsible data protection officer! 
==== For the deletion/pseudonymisation of data volumes ====

**IMPORTANT!**\\
ALL DELETION AND PSEUDONYMISATION **ACTIONS OF DELETING AND PSEUDONYMISING** ARE **IRREVERSIBLE!** Because that is the purpose of the law!\\
Please consider in advance what makes sense. \\

A file with the most important procedures for deleting and pseudonymising data can also be found here as a PDF, e.g. for submission to your data protection officer: {{ de:personen:datenschutz:pccaddie_pseudonymisierung_und_loeschung_von_personendaten_v5.pdf |Deletion&Pseudonymisation}}

The deletion/pseudonymisation of large amounts of data must be determined individually according to a specific cycle. This is also only possible with supervisor rights. The button can also be found in the People/Data protection menu: 

{{de:personen:datenschutz:privacy_pseudo.png|}}

Click on the button to open the following field: 

{{de:sonstigefunktion:datenschutz:ds17_b.png|}}

Here you can enter criteria, e.g. to delete inactive data records from the database at certain intervals. **//For example, all guests for whom you have neither a mobile phone nor an e-mail address and who have not visited for 3 years. These actions are irreversible!//**\\
**//If you also want to delete former members, e.g. because they have been out for more than 10 years, the former member attribute must also be removed from this group beforehand!!!! Otherwise they will not be deleted to be on the safe side! //**

As it is quite complicated to create such a person filter for a list of persons, there is a procedure with which you can check beforehand whether you are deleting the right persons.\\

In the "Delete or pseudonymise persons" function, there is the procedure "Set the additional info "oldrec" for the data records". (see screenshot in the next section). Select this and let the process run through. You can then print a list of persons with the additional information "oldrec". You can then use this to check. Remove the additional information for persons who should not be deleted. Then carry out your pseudonymisation run with the "oldrec" person filter.\\

As soon as the button **OK** button is clicked, you can answer two more security queries before the run is started. This function can take a relatively long time. PC CADDIE shows you the progress:

{{en:personen:datenschutz:datenschutz_loeschen.png|}}

As soon as the function is finished; the number of (in our case) deleted data records appears:

{{en:personen:datenschutz:datenschutz_loesch-datensaetze.png|}}

You can use the log file to check the history:

{{de:personen:datenschutz:datenschutz_protokolldatei.png|}}

The corresponding information after each name means

^Remark    ^ Information  ^
|deleted |Deleted data record  |
|Competition |Tournament data available, record has not been deleted  |
|Account |Sales data available, record has not been deleted  |
|ZIP filled |address available, record has not been deleted  |
|Phone filled |Phone number available, data record was not deleted  |
|Member |Member, data record has not been deleted  |

====Delete or pseudonymise personal data: Select procedure====

There are various options that can be selected:

{{de:personen:datenschutz:pseudonymisieren.png|}}


  - Pseudonymisation without deleting the attachments
  - Pseudonymisation, with deletion of attachments
  - Pseudonymisation, ask for each attachment
  - Pseudonymisation, forced deletion of attachments
  - Delete (attached documents are deleted)
  - Set the additional info "oldrec" for the data records








==== Access to locked data records ====

With a tick in this field

{{de:personen:datenschutz:privacy_zugriffaktivieren.png|}}

supervisors can access 
  - data with an objection to data processing, and
  - data of blocked users.

The "Block data record" function is useful, for example, if a customer insists on the deletion of their data, but the legal situation is still unclear: the customer can already be "blocked" in PC CADDIE for all functions, accesses and bookings, but a supervisor still has full access to the data to clarify the legal situation, for example.


===== Functions in the PC CADDIE://online APP =====

**ATTENTION**Users of the app must first agree that they wish to continue using the services. Since the introduction of the EU GDPR, this query has been the start screen before you can make bookings on your smartphone or computer. 

//As long as this has not been accepted or customers have decided to cancel, end customers can no longer use the functionalities. The club also receives an error message if you want to send new passwords from the personal screen.// 

=== Data protection settings in the app ===

Under "My settings" in the app, customers can decide whether their name is visible or not.\\

__Important note:__ If I have excluded visibility for myself, I will not be able to see the other players either!

{{de:sonstigefunktion:datenschutz:ds6.png?nolink&400|}}
===== Anonymise in the DGV service portal =====

If a member wishes to appear on results lists on the intranet with N.N. instead of their own name, this setting must be made in the DGV service portal. 

Open the service portal and then click on the menu item Club persons/Member search. 

{{de:personen:datenschutz:2019-04-11_17h35_29.png?600|}}

Once you have selected the person you want, all you have to do is tick the box shown below and confirm by clicking "Save".

{{de:personen:datenschutz:2019-04-11_17h35_16.png?600|}}

===== Functions on Mygolf.de =====

Anyone who has registered there can change their settings under http://www.mygolf.de/einstellungen/datenfreigabe.cfm?sq=54705789 change their settings. All questions about Mygolf.de will be answered exclusively by the German Golf Association (Deutscher Golf Verband e.V.). **not** supported.