Dear organ,
As GDPR officer I have been checking whether organs with a google drive are adhering to the standard that we would like. I have found that you have stated in your committee regulations that you will use a google drive account, sadly I have also found that there is personal data on your google drives.
I would like to emphasise that data that does not necessarily need to (remain on) Google Drive should be moved to the committee share on the GEWIS fileserver. This becomes even more a priority if this data contains personal information (names, email adresses, phone numbers, etc.). This will mostly happen when you use a google form and extract the data to an excel sheet. The GEWIS file server is not only more secure as we know where it is located and what happens to the data and the server itself. We also know that even now Google as a third party provider is not the safest and we would like to share as little data with them as possible (Like this for example).
I would also like to point out that we provide options for you to work/acces GEWIS documents from a non-GEWIS PC (often VDESKTOP). Not everybody might know about these system, so you could refer your fellow organ members to here.
As we have heard some stories that people do not like the use of VDESKTOP or prefer the google drive, we would like to know why this is the case such that we could improve the use cases of these options.