Privacy Issues with Your Member Directory Posted on March 5, 2019March 4, 2019 by Justin at PoolDues With a Pool Dues website, you get a user-friendly built-in Member Directory. We’ve made it super easy for your members to look up other members by lots of different categories like babysitters, pet sitters, women’s interests, men’s interests, sports, and a whole host of other filters. Want to find a local teen to help you move furniture? Use the Pool Dues Member Directory to filter by members who have indicated their willingness to move furniture! We think this is a great way for your members to connect with one another, but we also acknowledge the privacy issues related to an online member directory. Because the directory is searchable by children that can babysit, pet sit, tutor, do yard work, and do odd jobs, many members will opt to include their children’s information in the directory. And while it’s a great way to build community, it also puts our personal data out there. Imagine getting an email that was sent to 300 people listing your name, email address, phone number, street address, and the names and ages of your children. I know I’d be in a bit of a panic seeing that information sent to so many people! But that’s basically what we’re doing when we include our information in a public-space directory. Which is exactly why a Pool Dues Member Directory is not a public-space directory. We understand parents’ concern about their children’s online privacy, which is why our Member Directory is strictly consent-based. It’s important for both your board members and your general members to understand that their information is not automatically added to the Member Directory. Yes, people have to provide information to join the club, but this information is not automatically put in the Member Directory. There is an important difference between the MEMBER DIRECTORY and the MEMBER DATABASE. The Member Directory is where people can look each other up and search for someone who might want to play basketball with them. The Member Database is where board members like the Treasurer and the Membership Director have access to all member information like addresses and emails. Signing up for membership online puts your information in the Member Database, not the Member Directory. Members must create their own Directory Profile in order to be included in the Member Directory. Just because your club is comprised of neighbors doesn’t mean it has the right to publish private member information. Does your local Starbucks list the email address of every coffee buyer? In fact, new EU privacy laws are making their way to the US. The EU’s new privacy law, the General Data Protection Regulation (GDPR), requires companies to seek permission to collect and use personal data. They have to explicitly ask for your permission to collect your personal data including what you post on social media, your address, your email address, and your GPS location among other things. US firms are already required to comply with the GDPR for their European markets, which means that US companies are naturally going to start complying with the regulations across the board. With that in mind, your swim and tennis club should act like it’s an international company that is required to follow GDPR. In fact, your club is a business, even if it’s a non-profit business. You should comply with privacy regulations regardless of your non-profit status. What this means is that you are not allowed to simply import member data into a shareable directory. Members need to give their permission to have their data included in your directory – the most efficient way to do this is to have members create their own profile.