Campaigning & Data Protection

Key areas to be mindful of when running a campaign

Data Security

Canvassing & Deliveries


  • Keep printing of personal data to a minimum

  • Brief volunteers about keeping hard copy data secure and out of sight

  • Do not leave stacks of undelivered, addressed mail in communal areas of residential blocks

  • Paperwork must be destroyed securely after use

    *** Do not dispose of data in public bins ***

Exposure of personal data

Data Breaches

Email within 24 hours summarising:

  • Date & time of breach?

  • What happened?

  • Types of data involved?

  • Number of individuals affected?

Bulk e-communications



Data Subject Rights

Data Rights Requests


  • Forward to as soon as possible

  • Subject Access Requests (SAR) - please do not process these yourselves

  • Right to Erasure / Right to Be Forgotten (RTBF)

Handling systems

User Set-Up


  • Lighthouse Superusers & Connect Managers
    - grant / revoke access in liaison with local party officers
    - instruct Lib Dem HQ to set up additional superusers / managers 

  • Ensure temporary accounts have an expiry date

  • Do not create multiple ‘volunteer’ accounts
    accounts must be named

  • Provide an appropriate level of access for the job in hand
    *** Do not grant higher permissions than necessary ***

User permission levels

Managing Access


  • Exercise caution when engaging non-members as volunteers
    - NDAs must be signed for handling personal data (includes Minivan)

  • Connect - the user agreement should be signed-off before use

  • Reviewing user access
    - remove access when someone has moved / resigned / changed roles
    - conduct access audits post-election and at the start of the year

  • Action the Tech Team's Housekeeping Reminders

    *** Under no circumstances should logins be shared ***

Use of Party Data

Using Party Data


  • Political parties are entitled to use the full Electoral Register for campaigning (Party-approved tasks only)

    *** This data cannot be used for personal / business purposes ***

  • Misuse contravenes Party Data Protection Rules
    - could lead to a formal complaint against individual
    - abuse of access rights is considered a data breach
    - email immediately if you believe a breach has occured

This website uses cookies

Like most websites, this site uses cookies. Some are required to make it work, while others are used for statistical or marketing purposes. If you choose not to allow cookies some features may not be available, such as content from other websites. Please read our Cookie Policy for more information.

Essential cookies enable basic functions and are necessary for the website to function properly.
Statistics cookies collect information anonymously. This information helps us to understand how our visitors use our website.
Marketing cookies are used by third parties or publishers to display personalized advertisements. They do this by tracking visitors across websites.