We're sorry but students dashboard doesn't work properly without JavaScript enabled. Please enable it to continue.

Data Processing & Compliance

Overview

Understanding how Communi and community admins share legal responsibilities for user data is crucial for maintaining compliance and ensuring best practices in data management. This document outlines key aspects of data processing, including third-party integrations, email exports, Zoom recordings, and compliance best practices.

1. Roles & Responsibilities
Communi’s Responsibilities:
  • Acts as the data processor in scenarios where user data is handled on behalf of community admins.
  • Ensures security measures for data storage and transmission.
  • Provides tools for admins to manage user data responsibly.
  • Maintains compliance with relevant data protection regulations (e.g., GDPR, CCPA, PDPA).
Community Admins’ Responsibilities:
  • Serve as data controllers responsible for collecting, managing, and processing user data.
  • Ensure compliance with applicable privacy laws.
  • Obtain necessary user consents for data processing.
  • Monitor and manage data exports, integrations, and other shared data activities.

2. Third-Party Integrations
  • APIs & External Tools: Community admins may integrate third-party services (e.g., analytics tools, marketing software) with Communi.
  • Data Sharing: Any integration that involves sharing user data requires adherence to Communi’s security policies.
  • Vendor Compliance: Admins must verify that integrated third-party providers comply with relevant data protection laws.

3. Email Exports
  • Access & Security: Admins can export email lists and user data for community management purposes.
  • Consent Requirements: Any email communication must comply with anti-spam laws (e.g., CAN-SPAM, GDPR’s opt-in requirements).
  • Data Retention: Exported data should be stored securely and deleted when no longer needed.

4. Zoom Recordings
  • User Consent: Community admins must inform users before recording meetings.
  • Storage & Access: Zoom recordings stored within Communi must follow access control policies.
  • Deletion & Retention: Recordings should be deleted or archived based on legal and compliance policies.

5. Compliance Best Practices
  • User Transparency: Clearly inform users about how their data is processed.
  • Data Minimization: Collect only the necessary user data required for operational purposes.
  • Security Measures: Use encryption, access controls, and periodic audits.
  • Incident Response: Have a plan in place for handling data breaches or unauthorized access.

By following these guidelines, Communi and community admins can work together to ensure a secure and compliant data processing environment.