Please select user.
There are no topics yet.
Do we need seperate or indeed any privacy notices for forms filled out by staff. These forms are not processed by any 3rd party. they are internal only and are for the purpose for someone to fulfil their role. Like a form requesting permission to access a folder.
How can we overcome this situation? Do you know if we can still be GDPR compliant with this situation?
I wonder if I could act as DPO in a little company being Infrastructure & Security manager. This could be a position with conflict of interest. Even if DPO is not mandatory in such a little company.
Salve, è possibile cancellare in banche dati sic (crif, ctc ed experian) dati positivi in corso?? (cioè finanziamenti in corso positivi).
If we don’t have any employees in any of the GDPR geographies, then employee data isn’t applicable when completing the GDPR documentation. Is that correct?
My company is based in UAE however we provide our services Internationally which means we have to comply with the GDPR rules and regulations and one of them is to have a GDPR officer, is it compulsory to have EU - GDPR Office & representative in Europe?
I have a question around DPIA’s and our Clients data
As a security Monitoring company providing SOC-as-a-service, we are a ‘processor’ to our clients, and we monitor their networks/systems under contractual obligation.
Would we be required to carry out DPIA’s on our Client Data as a processor as well as our own data as a controller?
From what I understand we would carry out a DPIA on their data if they request that we do so. Is this correct?
If this is not clear or you need more information, feel free to let me know.
We have a mobile application that acts as a shopping mall - users register in our application (so we process their personal data), and we have various shops that offer their products and services through our application. Once a user wants to purchase a product/service, we process the payment through the payment processor, and forward the personal data of the user to this shop so that the shop can deliver the product/service directly to the user.
So the question is: are we joint controllers with these shops according to GDPR?
Hi there Dejan,
I just have a quick question. I recorded videos of my zoom teaching and I always had verbal consent of my students, since the video only shows me, nobody or nothing else. I do say the first name of my students though, when I correct them. Now since I am teaching a lot less online again I have been asked to put up a youtube channel. I initially didn't think I would ever use the recordings to more than just for my own analyzing process. But now I was wondering, is it a data right conflict if I say people's first name in the videos and would upload them publicly? They do not talk and most of them I could probably contact and ask if they're ok with it. Just in case I miss a name somewhere of someone I didn't ask, and I repeat I did never mention the last name nor are they seen anywhere, nor do I say anything but a correction to them, would this be considered a violation of data/personal rights already?
Thank you so much in advance. I am sure you usually have other clients. Thank you so much for taking the time to read this.