I think I may be getting confuzzled here. I'm putting thoughts within your
text
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of KAREN SADLER
Sent: 27 January 2005 18:17
To: [log in to unmask]
Subject: Re: [data-protection] franchise business
Mmmmmmmm!
The data does relate to living individuals - the members - these are likely
to be sole traders or SME's, such as plumbers, haridressers, small agencies
etc. They can access the database of other members directly. They can only
update their own data, albeit controlled by the franchisor. They can view
other franchisees data in an on- and off-line directory, and can contact
other members directly. Trading must be managed through the franchisor. So,
it seems that consent must be secured for sharing of data across the
network.
>>TT: So the database is held by the franchisor? But the data is
technically passed to third parties, so there is an issue of consent here,
individual consent, not business consent.
The franchisees are recruited by the franchisee - so do not introduce each
other. They have varying business experience, and quite possibly none in
franchising so are guided by the franchisor. The franchisees seek members
and then recruit them using a standard application form : this data is then
captured centrally at the franchisees offices and held on the database. It
seems that the question is what consent does the franchisee need to give (a)
on their agreement witht he franchisor an (b) with the agreement with the
member?
>>TT: A franchisee recruits further franchisees? OK you need to
distinguish with whom the newly recruited franchisee is contracted. This is
the key to what needs to be done by whom.
The franchisor holds the database and are responsble for updates.
The database has the capability to allow members to link to other members
websites - so although this seems out of the franchisors responsibility,
there seems to be some link there?
>>TT: Linking to a website is not the same as passing data to a third
party. But, though there is not a duty per se to inform someone when they
are leaving your website, there MAY be one if the website linked to both
collects data and looks identical to the website linked from. If not a duty
one might argue a best practice here.
----- Original Message -----
From: "Tim Trent" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Thursday, January 27, 2005 5:59 PM
Subject: Re: [data-protection] franchise business
> The very brief description implies that data identifying a living
> individual is both held and accessed. So long as the individual gives
> informed consent for data to be passed to third parties (and a
> different franchisee is a third party) then this should work well
> enough.
>
> It does not have the feel of a particularly controlled business from
> the simple description we have, though. Franchisees introducing other
> franchisees feels like MLM (often mistakenly referred to as pyramid
> selling, which it is not). If this is the case the franchisees are
> usually "embryo businesspeople" with arbitrary grasp of trading and
> other laws. Some are excellent. Others are, well, not. So I am
> nervous about the ability of the franchisor to enforce policies.
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]] On Behalf Of Ian Welton
> Sent: 27 January 2005 17:17
> To: [log in to unmask]
> Subject: Re: [data-protection] franchise business
>
> Within that there may exist complications resulting from advertising
> images/graphics which facilitate another company to collect personal
> data relating to the surfers of any particular site. If no personal
> data is involved this DPA issue would not arise.
>
> Ian W
>
>> -----Original Message-----
>> From: This list is for those interested in Data Protection issues
>> [mailto:[log in to unmask]] On Behalf Of Tim Trent
>> Sent: Thursday, January 27, 2005 4:14 PM
>> To: [log in to unmask]
>> Subject: Re: franchise business
>>
>>
>> In any franchise business the Franchisor and the Franchisee are each
>> data controllers in their own right whether either also acts as a
>> data processor for the other(s) or not.
>>
>> The privacy notice should be a part of the franchisor's policy and
>> franchise "image" and a part of the contract with the franchisee. It
>> should be the franchisor's policy modified with the franchisee's
>> details where relevant
>>
>> Linking to websites within the franchise calls for the surfer to be
>> made aware when they have moved to another business entity. Inside a
>> franchise image this will be unclear unless specific notification is
>> given
>>
>> If this is MLM rather than a true franchise it will get out of
>> control very fast
>>
>> Tim Trent - Consultant
>> Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
>> email: [log in to unmask]
>> Marketing Improvement Limited, Abbey House, Grenville Place,
>> Bracknell, United Kingdom, RG12 1BP
>> http://www.marketingimprovement.com
>>
>>
>>
>> This message is for the intended addressee's use only. It may contain
>> confidential, proprietary or legally privileged information. No
>> confidentiality or privilege is waived or lost by any
>> mis-transmission. If you receive this message in error, please
>> immediately delete it and all copies of it from your system, destroy
>> any hard copies of it and notify the sender. You must not, directly
>> or indirectly, use, disclose, distribute, print, or copy any part of
>> this message if you are not the intended recipient. Any views
>> expressed in this message are those of the individual sender, except
>> where the message states otherwise and the sender is authorised to
>> state them to be the views of any such entity.
>>
>>
>> -----Original Message-----
>> From: This list is for those interested in Data Protection issues
>> [mailto:[log in to unmask]] On Behalf Of KAREN SADLER
>> Sent: 27 January 2005 15:21
>> To: [log in to unmask]
>> Subject: [data-protection] franchise business
>>
>> This is fairly new to me, so an 'idiots' guide would be helpful!
>>
>> The business is a trading network ; namely the business has a network
>> of franchisees, who recruit members. These members (also businesses
>> of all
>> types) pay a fee to be part of the network, and seeks services
>> through a directory, then can 'trade' services at discounted rates.
>> All data (which is failry limited) is secured by franchisees and is
>> held by the business on a database; Members can view the data to
>> enable them to seek and initiate business with other members.
>>
>> Can you give quick advice on the DP considerations?
>> 1. what role does the franchisee play here? joint controller?
>> or processor? other? 2. what privacy notice should members see? 3 can
>> the directory allow a link through to the members individual websites?
>> what are the DP considerations here? 4.
>> any other critical observations?
>>
>> thanks
>> Karen
>>
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> All archives of messages are stored permanently and are
>> available to the world wide web community at large at
>> http://www.jiscmail.ac.uk/lists/data-protection.html
>> If you wish to leave this list please send the command
>> leave data-protection to [log in to unmask]
>> All user commands can be found at : -
>> http://www.jiscmail.ac.uk/help/commandref.htm
>> Any queries about sending or receiving message please send to the
>> list owner
>> [log in to unmask]
>> (all commands go to [log in to unmask] not the list please)
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> All archives of messages are stored permanently and are
>> available to the world wide web community at large at
>> http://www.jiscmail.ac.uk/lists/data-protection.html
>> If you wish to leave this list please send the command
>> leave data-protection to [log in to unmask]
>> All user commands can be found at : -
>> http://www.jiscmail.ac.uk/help/commandref.htm
>> Any queries about sending or receiving message please send to the
>> list owner
>> [log in to unmask]
>> (all commands go to [log in to unmask] not the list please)
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list
> owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list
> owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|