Hi @Thomas1, welcome to the community!
I’ve moved your question into a new topic to avoid resurrecting an old one and keep things more focused on your specific question.
Do you help run a Repair Café?
If so, the GDPR topic you originally posted in contains useful discussion on what data you might want to collect and how. Of course, if you start collecting personal data, it’s important to have a proper data & privacy policy and make sure that you’re getting consent from the people you’re collecting data from - they’ll need to know what data you’re asking for, how you’ll use it, how they can opt-out at any time and so on.
I know many groups aim to minimise the collection of personal data to simplify the admin that comes with running events, and this is often a sensible approach. What data do you actually need to collect?
Any personal data you do collect needs to be stored securely, whether on paper or digitally - i.e. only accessible by the group organiser(s). Every group will likely have its own system for this. But if you use a digital system (e.g. storing a spreadsheet in a cloud service like Microsoft or Google’s, or use a mailing list service like Mailchimp), you’ll need to let people know that’s where you’re storing their data.
When it comes to insurance, we have some seperate guidance here:
But a key principle is to make sure that visitors know the core ethos of community repair events: that they are events where you can repair your own item with help from an experienced volunteer fixer. Ideally these are learning events not a ‘repair service’.
Does that help answer your questions?