Please select user.Assign
There are no topics yet.
I asked for my employer to cover the cost of an excursion and then I was accused of the exact number of days I was sick over 2.5 years and sent to three other people in the company. Question: Can he use this data at all to answer this request?
And who can get these sick days communicated?
Just need to ask about easily compliance checklist for GDPR, and it's mapping controls with PCI-DSS and ISO 27001
We are a University and when prospective students signs up for an Open Day they can enter their parents contact information. When you click on the register on this link at the bottom you’ll see this message
We want to use these parents email address for google display advertising to send them to our website. How can we do this? As they won’t necessarily be aware that their child has entered their email address.
Do you know about procedure of giving Power of Attorney from controller to processor, to transfer data outside EU on behalf of controller?
I would very much appreciate some clarifications of the above:
I want to set up a startup and develop a software for facial reconstitution.
Are there any constraints from a privacy perspective? What do I need to consider before in the implementation stage? Is it required for us to have a DPO? We are planning to use AWS for storage is this OK or is better to keep the data in our own servers?Do we need to perform some kind of risk assessment before starting? How would ISO27001 help us?
Any other advice would be much appreciated.
We are an international university (and the university is also a city where everyone who works and studies also lives/resides). As such, we are currently placing individuals who are returning from high risk areas (of the Coronavirus) or those whom have had contact with those in high risk areas (i.e., roommates) in quarantine.
It would be great to receive some guidance on things we should be able to do in terms of GDPR in the context of:
I just have a question. The document IT Security Policy is included in the Premium Toolkit, but now requires an Information Security Policy from me
What is the difference between the following 2 documents, or is there no difference between them and are these the same documents?
I run a small "haute" couture shop and I have some questions regarding sole GDPR aspects:
Hi, we are a small business that provide TV subscription for its customers. Customers' data are stored in CRM system run by 3rd party. As a financial controller and data processor (?) and authorized person to use CRM can I access customer's data freely ie what purchase individual made etc or any other reason that is required for business purposes without breaking GDPR rules? Basically I would like to make sure that I have the right to access customer information if needed.