All the eBooks you need to implement
ISO 27001, ISO 22301 and GDPR
ISO 27001, ISO 22301 and GDPR
Limited time offer - Valid until July 15, 2020
Hey, I would like to know who is controller and processor practically. Like I know what are the duties and responsibilities of these two.
But let's say if am developing a particular application on which I will collect personal data to fulfill the purpose of the application. So Do I have to appoint a controller or processor or is there any something like the founder or director, CEO, or legal advisor will act as a controller?
Data Transfer Agreement template (Referenced in Cross Border Transfer Procedure):
DTA for Controller -> Controller
DTA for Controller -> Processor
When to use which one?
I have been through the forwarded material around GDPR compliance and I have the following questions:
1. International personal data transfers – Binding Corporate rules (BCR) under GDPR – and Cross boarder documentation
How do we secure compliance? Is it by fill in and sign the Cross Boarder document or do we need another agreement?
2. When we have “employed” sellers and consultants with their own companies which invoices their “salary” to Digizuite, do we then need specific Data processing agreements with each of them?
3. I can’t find a Data Processor agreement in your material. Why isn’t it part of the toolkit?
I have a question in regards to the document in section 8, Third Party Compliance. Supplier Data Processing Agreement. We use a third party like Google Analytics, does it fall under this category?
Hi, I need to know whether there have been any changes to the EU GDPR policies recently in relation to e-privacy. Can you advise?
1. Are Data Protection Laws extra territorial?
2. Do Data Protection Regulators in various countries communicate with each other?
I have a website ***.
I made a proper (as I think) Privacy and Cookie Policy, as well as Terms of Use. Also, there is a Cookie contest, which is visible to all the users and allows them to block the cookies.
An open-source service "cookie bot" says the website is GPRS compliant. But I still see some cookies in my browser and am afraid that my users will be not satisfied with this.
How can I fix it?
I came to know that in the email body if there is some personal data like address then it is called unstructured data. Kindly guide me a tool for GDPR purpose so that I can use to learn and implement GDPR.
I am trying to find the default legal position around data transfers under the German Laws. In the UK, if a contract says that parties shall comply with the position of the DPA. It means that parties can transfer data amongst its affiliates if the parties have one of the EU the approved transfer mechanisms in place. Therefore I want to determine what German law enables/ permits this. Is it something you can assist with?
A company owes me a refund and in order for this to happen they are requesting the following:
"send a copy of the front of your debit card plus either a copy of your passport, driving license or Utility bill dated within the last 3 months.
Unfortunately our accounts team are unable to process the refund without these."
I am not happy providing any of this and do not think this is needed for a refund. Can you please advise?
