Questions for EU GDPR start
Are you able to help me with the following questions?
What is the difference between controllers and joint controllers?
Do I need to have DPA with controllers and joint controllers?
Do companies need to have Binding Corporate Rules?
Which is the best way to start with the GDPR from your experience?
How much time and money does a small 20 men company need?
Is there any guide for data breaches?
Thank you
What is the difference between controllers and joint controllers?
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. If there is more than one controller and the decision on the processing is taken jointly by both, this means that they are joint controllers and they will share the responsibility to comply with the GDPR.
Do I need to have DPA with controllers and joint controllers?
The EU GDPR does not mandate that; however, it is customary to have a Joint Controller Agreement to clearly state the obligations of the two joint controllers.
Do companies need to have Binding Corporate Rules?
Binding corporate rules (BCR) are data protection policies adhered to by companies established in the EU for transfers of personal data outside the EU within a group of undertakings or enterprises. Such rules must include all general data protection principles and enforceable rights to ensure appropriate safeguards for data transfers. So, BCRs are only useful for intragroup data transfers. If you want to find out more about international data transfers, check out this webinar “How to make personal data transfers to other countries compliant with GDPR” (https://advisera.com/webinars/how-to-make-personal-data-transfers-compliant-with-gdpr-free-webinar-on-demand/).
Which is the best way to start with the GDPR from your experience?
If you want to get more information on how to start a GDPR compliance project, you should check out this article “9 steps for implementing GDPR” (https://advisera.com/articles/9-steps-for-implementing-gdpr/).
How much time and money does a small 20 men company need?
The time needed is not only influenced by the size of the company but also by the types and categories of personal data processed, the amount of the processing, etc. You can get an idea of the time needed by using this EU GDPR Compliance Duration Calculator (https://advisera.com/eugdpracademy/eu-gdpr-compliance-duration-calculator/).
Is there any guide for data breaches?
You can find a useful whitepaper on how to assess the severity of the data breaches at Assessing the severity of personal data breaches according to GDPR (https://info.advisera.com/eugdpracademy/free-download/assessing-the-severity-of-personal-data-breaches-according-to-gdpr)
Dec 05, 2019