This policy sets out what 360Giving will do if we receive a request to remove data that is published to the 360Giving Standard.
Where is 360Giving data held?
Our website does not store any 360Giving data, but it does provide links to places where the data can be downloaded. These links are curated by 360Giving and are found on: http://www.threesixtygiving.org/data/data-registry/ and as a JSON feed via http://data.threesixtygiving.org/data.json
Other applications also use and store data published to the 360Giving Standard. These are know as ‘consuming applications’. Not all of these applications are designed and managed by 360Giving and they should each have individual take down policies. Consuming applications that are managed by 360Giving have policies that complement this policy, meaning that if a request to take down data is received and accepted by 360Giving, the data will also be taken down from all the applications we manage.
The applications we manage are:
Once data is open, meaning it has been published under an open license, it may be taken and used by different people in different applications that are beyond 360Giving’s control. The applications may be both online; such as digital platforms that allow users to access and explore 360 data, and offline; such as a downloaded dataset used for research purposes. We are not able to take down data from these applications but, where possible, we will inform the managers of any of the online applications when data has been taken down and advise them on any actions they may need to take.
Take down requests
A request to take down data can be made by anyone. The request can be made via email, telephone, verbally or in writing: http://www.threesixtygiving.org/contact
The person making the request should:
- Confirm their role and relationship to the data.
- Clarify which specific data item(s) they are requesting be removed.
If the request is from the organisation that owns the data and it is clear what information is to be removed then no further information is needed and the data will be removed as soon as possible.
If the request is not from the owner of the data it will be necessary to establish the reason for the request; for example, it may contain sensitive personal information or be inaccurate.
There may be cases where it is clear that, as owners of the application, 360Giving can act without prior consent of the data owner. However, it may also be the case that the data owner needs to be involved in any decision to remove their data.
Once a decision to act, or not to act, has been taken the requester will be informed. Regardless of the decision, all requests for data to be taken down will be logged by 360Giving. This information will not be made public and is for internal reference only.
Once 360Giving has decided that data should be removed we will endeavour to do this as quickly as possible. This may require us to work with the requester in order to identify all the relevant data. We will also work with the owner of the data to ensure that they are able to remove/redact the data at source.
In some cases it may be necessary to clear all the data that has been published by an organisation to the 360Giving Standard, in order to deal with the request. We will avoid this wherever possible as it may affect the service that other users of 360Giving data expect, but there may be occasions where this is the only course of action.
We understand that any request to remove data will be seen as urgent by the requester. When a decision to act has been taken we will aim to remove the data within two working days of receiving a request. In some cases this may not be possible. In these cases, we will keep the requester informed of what action we are taking and the expected time frame for taking down any relevant data.
If you have any questions or comments about this Take Down policy please email: firstname.lastname@example.org
360Giving reserves the right to update or amend this policy at any time and without prior notice.