I have a couple of questions that I am looking to get some answers to:
1. Is the GDPR applicable for individuals as well as companies?
2. If I am an individual booking safari trips for European customers is the GDPR applicable?
3. Is social security number or similar considered personal data?
4. Is it legal to require copies of passports to the tourists?
Thanks
I own a home. The administrator yesterday informed us that for the adaptation to the GDPR every administrator and every tenant and / or owner must attend a course for EVERY condominium administered. (repetita iuvant?) I believe, but I am not very expert in this area, that the certification for the administrator is a binding condition for the performance of the professional activity. Among other things, the administrator tells us that the cost is borne by the tenants/owners. Can you please give me some explanations?
I represent a hair implant clinic and I have some questions regarding GDPR.
1. Is the GDPR applicable to the clinic if we have EU customers?
2. We ask for some information form possible patients details about their health conditions and allergies. Is there any specific conditions to comply with?
3. Do we need a DPO?
4. Do we need to ask for consent before asking the health data?
5. We have a contract with a hotel where we keep the patients after the procedure. We send them the names of the patients to the hotel. Do we need to do something?
6. How much would it take to be compliant with GDPR?
Thank you in advance
Can u explain a bit more on profilin?
GDPR application part says gdpr is applicable to all companies in the world that process personal data of EU residents. Some parts it is used EU citizens.. I mean EU residents not necessarily be the EU citizens. How it is going to make the difference
Hi. There are currently two Standard Contractual Clauses - 'Controller to Controller' and 'Controller to Processor'. They are both built for the Controller to be the exporter of the data. We are an EU based company who will be receiving data from a Non EU based company. The Non EU based company is the controller of the data and we are the processor.
My understanding is that the Controller sending the data does not need to take action when sending us the data as their government deems the EU laws 'adequate'. However, we carry out work on the data and then need to return the data file to the Controller (outside the EU). What actions does there need to be in place for this, if any? I do not see a Standard Contractual Clause that would cover this currently i.e a Processor exporting data back to a Non EU Controller.
Your advice would be appreciated
Kevin
I would like to inquire about GDPR Implementation Duration, how long this process takes?
I'm going to implement this standard for a translation agency - medium size business.
We made pictures and videos for an event for our marketing but did not have the necessary forms filled out by the participants and we did not hang up the information boards as we go further now.
1. Are there any available GDPR certifications?
2. How do I start with mapping my processing activities?
3. Is there any video surveillance policy available in the toolkits?
4. I am negotiating with a Data Processing Contract with an insurance company. Are these companies controllers or processors?
5. How can I best present a privacy notice? Do clients need to sign the notice?
