EU GDPR - Expert Advice Community



Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • Question about data protection points in a contract

    I have a contract for a service and I would like to know if I really need to accept all the points in relation to personal information data protection.
    Is this something you can advise?
    Thanks :)

  • Data processing agreement between a data controller & a data processor

    Some information please on what information must be included in a data processing agreement between a data controller and a data processor

  • Administrative fines for lack of compliance with GDPR

    Hi, I have been reading articles 83 and 84 as I am interested in knowing more about administrative fines for lack of compliance with GDPR. If a company does not have a positive turnover, can it still be sanctioned?

  • Sub-Processors

    I need your advice regarding the below:
    Shall sub-processors used by data processor share their sub-processors and third party list with the data processor

  • GDPR - holding data

    I am writing to ask about a mobile app that I downloaded and without reading the privacy policy I accepted it. When I decided to delete my account I was told the company has a right to hold my data for 4 years after I decide to delete my account.

    I wanted to know if this in inline with GDPR laws in regards to right to be forgotten. If I can get some guidance, I can email the app developers and explain that I would like them to delete my data.

  • GDPR Processor (Software Sturtup)

    we are a software startup in israel, we are willing to enter into the EU but we heard we are data processors, so we do not really understand what we need, the information is a bit confused

  • DPIA

    Dears, Appreciate your support to provide me with your advice regarding the following 1. As a processor , should I perform DPIA (is it required) 2. If the controller is not in compliance with the GDPR and didn't share any direction with the data processor (in other words the controller didn't ask the processor to be in compliance with the GDPR). In this case will data processor be liable if any security breach occurs. 3. is it required for the traffic containing PII between a company and service provider to be encrypted.
  • DPIA For Cloud Services

    When and how to carry out a DPIA (data protection impact assessment) with respect to cloud services for my organisation.

  • Software for creating the routes for the school buses

    We would like to create a software for the automated creation of routes for the school buses. We would use Google Maps api to create the individual routes to pass on addresses of the students (without names) to these api. What should we pay attention to?
  • Question about GDPR Article 27

    We have bought several of your products and love everyone of them.  We had a question about GDPR article 27.  We are working with one of our customers on their GDPR annual audit and one of the questions that is asked for Article 27 is: "Is your organisation established outside of the European Union"?

    This customer is US Based, but has a corporation established in both the UK and Ireland.  They do all of their EU business from either the UK or the Ireland companies and have "Data Champions" in place at each company in the UK and Ireland.  Since they have a corporate entity in the EU, are they allowed to answer the "Is your organisation established outside of the European Union" question "No"?

Page 12 of 89 pages