Chorus was developed with GDPR in mind. Key features you can use to help remain compliant are:
- Setting the Site Terms and Conditions to ensure that your users provide consent for you to process their personal data (for example, their name, email address and perhaps content they upload or metadata they enter);
- Using expiry dates and embargo dates, which protect assets in your system from accidental use outside a specific date range;
- Setting a log retention policy, so that personal data is purged from audit logs after a period of time;
- Using workflow tools to approve uploads and downloads;
- Using metadata fields to store and manage data which should be exposed so that users can ensure it is accurate.
- Attaching consent forms (for example, model release forms or other content which should be seen at the point of use of a file).
However, we do also recommend you involve your legal team.