6.1. Permanent Staff Members
Operation Wallacea is based within the UK, but has a number of contracted staff members located in other countries that primarily market internationally. Most prominently this does include offices based in the United States and Canada. Those staff members have access to the client database, which is used to store all information on all categories of individual. The database itself is hosted within the UK (see section 4 and 6.4.5)
All our permanent staff members, regardless of location, are required as part of their employment to adhere to a centrally distributed data security policy regardless of the local laws in the country in which they’re based.
6.1.1. Country Managers
Each individual expedition is led by an Operation Wallacea staff member known as the “Country Manager” who has overall responsibility for that project and the health and safety of all participants. The country manager has received training on data protection and is responsible for ensuring that the guidelines placed down in the Operation Wallacea data security policy are adhered to on expedition.
6.2. Field and Temporary Staff Members
Due to the operating protocols of Operation Wallacea during expeditions, there are certain staff members that need to receive information that are not contracted to Operation Wallacea on a permanent basis. These individuals are typically recruited for a specific contract and due to the nature of their roles may have to receive personal information of participants.
These staff members are given information only pertinent to their role, but this may include sensitive items such as medical information. They are trained in data protection procedures and are contractually required to follow the data protection procedures laid out in Operation Wallacea’s data security policy.
The staff member responsible for the overall management of an expedition (Country Manager – see section 6.1.1) is required to ensure that the data given to these individuals is deleted upon the completion of their contract.
6.2.1. Camp or Site Managers
Camp/site managers are responsible for the wellbeing of all individuals within a specific location. They are only given information related to the individuals at that location, but this may include medical information to ensure on-site health and safety standards or the safety of a participant during an incident or emergency.
Expedition medics are given the details of all participants that they are responsible for during the duration of their contract. They are typically issued this information prior to the expedition in an anonymised format to allow them to prepare, or raise any medical concerns or queries about participants to the site management team. Once they reach site, they are given access to a non-anonymised version of the participants they share a location with.
6.2.3. Other Staff
All other on-site staff receive information that is only relevant to their potential job role.
- Those responsible for food preparation will receive names, dietary requirements and where appropriate allergy information.
- Those responsible for leading students in the field may be given names and limited health information if the site manager or medic determines that a specific participants medical history may put them at risk on a particular activity.
The determination of what is appropriate to pass on to which staff member is made by the country manager. (See 6.1.1)
6.3. Transfers of Data Outside the European Economic Area
The majority of our in-country partners are based in “third countries” that fall outside the European Economic Area. They are all contracted as data processors under article 26 of the GDPR and are required to adhere to the data processing and security described in section 6.2.
We do not transfer data to any organisation outside the European Economic Area that is not contracted as a data processor.
6.4. Data Processors
Data processors are organisations that we have contracted to perform a particular service or task for us. Those contractual obligations require that we pass them certain pieces of personal information, and as such we require that there are data protection and confidentiality provisions built into their contract.
Specifically, they are required to:
- Only act on the written instructions of Operation Wallacea;
- Ensure that people processing the data are subject to a duty of confidence;
- Take appropriate measures to ensure the security of processing;
- Only engage sub-processors with the prior consent of Operation Wallacea and under a written contract;
- Assist Operation Wallacea in providing subject access and allowing data subjects to exercise their rights under the GDPR;
- Assist Operation Wallacea in meeting its GDPR obligations in relation to the security of processing, the notification of personal data breaches and data protection impact assessments;
- Delete or return all personal data to Operation Wallacea as requested at the end of the contract (as a minimum all personal data that is not legally required to keep should be deleted within 8 weeks of the individual’s expedition) and
- Submit to audits and inspections, provide Operation Wallacea with whatever information it needs to ensure that they are both meeting their GDPR Article 28 obligations, and tell Operation Wallacea immediately if it is asked to do something infringing the GDPR or other data protection law of the EU or a member state.
6.4.1. In-Country Partners
Each Operation Wallacea expedition has a local partner organisation based in the country in which the expedition takes place. The roles and responsibilities of those partners vary significantly from country to country. Some have only minimal involvement in project preparation, setup, and execution whereas others are involved in every single aspect of it.
For example, they are frequently required to book accommodation, arrange transfers, buy supplies (eg food) and where appropriate hire local people as assist the expedition as cooks, guides and other ancillary staff members, among other items.
The only information passed over is that which is required for the in-country partner to complete their contract. This usually includes the following information collected via the Opwall Portal (https://portal.opwall.com)
- Name as displayed on passport
- Telephone number
- Date of Birth
- Passport number
- Passport expiry date
- Details on current links with academic institutions or schools
- Allergy Information (See 184.108.40.206)
6.4.2. Transference of Medical Information to In-Country Partners
As a sensitive category of data, medical information is excluded from transfer to in-country Partners in all but the following exceptions:
220.127.116.11. Allergy Information
To minimize the risk to our participants of encountering a potential allergic reaction we do ensure that allergy information is passed to local partners. This is used to ensure that, alongside dietary information, those that may be involved in food preparation are aware of potential risks to the students.
It also ensures the participant accommodations are aware of any environmental issues that the participant may have.
18.104.22.168. PADI Documentation and Marine Activities
The Professional Association of Dive Instructors (hereafter known to as PADI) are the qualifying body for dive professionals utilized by Operation Wallacea on all expeditions. We, and our in-country partners, hire PADI qualified staff exclusively to run in-water marine activities.
PADI have a requirement that all people participating in an activity supervised by one of their professionals complete a medical form to ensure that they are safe to dive, and that form must be seen and inspected by that professional.
That medical form lists many conditions that may impact diving, and if the person completing it confirms they have that condition they are required to get the form signed by a doctor.
In addition, Operation Wallacea also utilizes more conservative measures for dive safety due to the remote nature of the expeditions. There are a number of additional sub-questions that we have entered into the form at the recommendation of diving doctors, and for certain answers we will require that the participant visit a dive specialist instead of a regular physician.
Those forms, as such, can contain medical information. As a number of our in-country partners are also contracted to provide diving activities, these documents have to be passed to the relevant dive professionals.
22.214.171.124. Acting as Camp Managers or Medics
In a small number of instances, the in-country partner will also take a position as on-site management for a camp or expedition, or will have staff that are acting as medics.
Within those roles they are responsible for the health and safety of all participants in their care, and as such need to receive the additional medical information submitted by the individual i.e.;
- Current medications
- Current medical conditions
- Past medical conditions
- Current psychiatric issues
- Past psychiatric issues
While in a position where they are acting in a role as a camp manager or medic, the in-country partner is required to ensure that information is kept safe according to the Operation Wallacea data security policy.
6.4.3. Flight Providers
During the booking process participants are asked if they wish for their details to be passed on to a flight provider to simplify their travel procedures. This takes two potential forms that determines what information is transferred.
- For school/field trip groups that are booking an expedition with Operation Wallacea as a package that includes flights. (Name, nationality, passport number and expiry, date of birth, gender, dietary requirements and allergy information, school attending).
- For individuals that have opted into that contact during initial booking. (Name, date of birth, email address, phone number).
6.4.4. Insurers – Cover-More
Operation Wallacea has a medical insurance policy in place with the Cover-More Group that covers all participants for the duration of their expedition. As part of that policy Cover-More require details on all medical information submitted, in case there are any pre-existing medical conditions that may exclude a participant from the policy in place.
When the medical information is transferred to Cover-More it is anonymised and all identifying information removed. Cover-More then identify all individuals that the medical policy may not cover, and feed that information back to us. They are required to contact those individuals with applicable to do one of the following:
- Request more information, if the details supplied were inadequate to determine if cover is possible.
- Inform the participant the insurance policy will not cover their pre-existing condition.
- Give them the ability to pay a premium for that specific condition so it is covered.
We then notify the individuals involved that they are to be contacted by Cover-More prior to passing on relevant contact information.
6.4.5. Consilience Media
Our client database, online portal (https://portal.opwall.com) and online finance system has been designed, developed and is currently maintained and administered by Consilience Media. (https://consil.co.uk/). They are also responsible for the security of the server against data breach.
Due to their administrative privileges they have full access to all information stored within the databases, including all personal data.
Our accountants, Forrester Boyd, have access to all our financial records via our accounting software. This does include record of all invoices that have been issued by Operation Wallacea and customer information required in the creation of those invoices. This is limited to name and billing address.
Mailchimp is an online marketing platform that we use to create and distribute emails in the following circumstances;
- Ex-participant newsletter. We maintain a newsletter for ex-participants that distributes updates about Operation Wallacea, updates about the Operation Wallacea expedition that they joined and potential job opportunities.
- Marketing emails to potential clients. We periodically use mailchimp to send emails to those that have expressed an interest in joining an Operation Wallacea expedition.
Emails from Mailchimp can be opted out of at any time by clicking the “unsubscribe” link at the bottom of each. All those people who unsubscribe via mailchimp are also removed as a potential client from our databases. Details transferred to Mailchimp are restricted to name and email address.
Mailchimp’s own privacy details can be found here: https://mailchimp.com/legal/privacy/