Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Joint controllers share of responsibilities in IoT
I am interested in how to determine a share amount of responsibilities in IoT.
Thank you in advance -
GDPR Data Retention
Hello, I am from the US. I found a link which referred me to a website that specializes in modding videogames. Without looking or reading up much on the site I signed up as I assumed I would be able to delete my account. I quickly found that I did not want to keep this account there. I emailed the administrator of the site for clarification on the policy, and they stated that they were legally obligated to retain my account for 7 years, and they then banned me from the site. I had emailed about the possibility of deletion, though I did not request it before they banned me. I did further research on this site and they stated vaguely that the GDPR requires them to maintain my account for 10 years, but they state 7 in the terms of service. They also referenced US Tax Laws and the Swiss Data Protection Act, but they referred to the GDPR as the law they had to follow regarding retention of my account. I did a few hours of searching but could not come up with anything that stated they had to retain this, which would prevent me from acting upon my right to delete the account. I was wondering if there was something I missed in my research regarding the retention period.
-
Collecting email addresses
Afternoon, I run a company and we are trying to contact possible customers. Can I go on a website, contact us page, find the email address and email them directly some information about our company? I am looking into a mail chimp style of set up where they have they have the option to opt out and plan on sending newsletters, offers etc. Thank you for your time.
-
Ensuring proper resources are on board
I just read the project plan for GDPR compliance.
Sheet mitigation project risks mentions "ensuring proper resources are on board".
Can you inform me which resources that are? -
EU GDPR representative
I am working with a small business (five people) and they have been asked to provide services to an Italian firm. I have been asked to explore what is required. The business is located in the US and is HIPAA compliant. I understand they need an EU representative. Is this accurate and can that be a person or a company? Thank you.
-
Toolkit content
What documents of your Toolkit refer to the next issues:
- Intragroup Data Transfer Agreement (IGDTA)
- Technical and Organisational Measures (TOMS)
- Newsletter Policy
-
Third party
Please advise when third party disclose PII data only by visiting data processor premise and look at data at data processor premise noting that they don’t have remote access to this data , what is the nature of processing here and do we have to sign with them any agreement. And what is the case if they have remote access to this data
Thank you -
Fines issued in UK for non-compliance to GDRP
Is there currently a list of organisations in UK who have been fined for non-compliance to GDPR and is this list available in the public domain?
-
04.2 Personal Data Protection Policy Integrated
I need help to understand the following.
This is the first document I opened to start working on the GDPR. What do I have to fill in here
2. Reference Documents
· EU GDPR 2016/679 (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC)
[relevant national law or regulation for GDPR implementation [GDPR1]
[other local laws and regulations [GDPR3]
How do I know what law or regulation for GDPR I have to implement. This is something I hope to receive from you.
Please advise? -
List of documentation required by the data processor
What is the list of documentation required by the data processor?