Take the ISO 27001 course exam and get the
EU GDPR course exam for free
LIMITED-TIME OFFER – ENDS MARCH 30, 2023
CHOOSE YOUR EXAM BUNDLE

EU GDPR - Expert Advice Community

Home / EU GDPR

Discussions

Top Contributors

Expert

Rhand Leal

3990
Discussions
Expert

Carlos Pereira da Cruz

1886
Discussions
Expert

Dejan Kosutic

366
Discussions

Most Popular Tags

Product: Conformio Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 Documentation Toolkit ISO 9001 Risk Assessment Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit ISMS Product: ISO 13485 Documentation Toolkit Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Internal Audit Product: ISO 27001/Risk Assessment Table Certification ISO 14001 ISO27001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • GDPR consent and scope identification

    Hi i want your help to implement consent management in the following scenario additionally please help to identify SCOPE as well:

    ABC company offers freight and logistic management application to UK business. application allows creation of admin user and then administrator creates multiple user in the application. Administrator created/assigned username and password are then used by corresponding staff to carry out there task/access the application. during this process (name, email id, username and password ) details are stored in Azure hosting server (maintained by Administrator). so, how the consent management should be implemented and complied in the application. (is it require to maintain consent for administrator only or for all the users having access to application) or not at all. during the process of accessing the application end user IP and location is also stored in application. application is build based on the requirement from UK based business and not published on ABC's website. so how to identify scope. as i am not sure whether gdpr can be applied to only specific product of the organization and not whole organization.

  • Appropriateness of requiring people to give their name/email in order to download special content from website

    Could you send me more information on your opinion on the appropriateness of requiring people to give us their name/email in order to download special content from our website? I’ve run into several different views on this issue, some of which are fine with it, and others opposed. In the webinar this morning, it appeared that you think this runs afoul of the voluntary consent requirements.

  • Exceptions in the application of the EU GDPR

    We are an R&D center and we are developing a project to generate an innovation ecosystem in *** and we would be interested to know about possible exceptionalities in the application of the GDPR.

  • GDPR data in Microsoft office

    what are your thoughts about GDPR data in Microsoft office (onedrive, SharePoint, azure)? is it acceptable ?

  • Asking for subscription consent with first newsletter

    We are planning to send out a newsletter and we have a lot of contacts and we want to keep them up to date. We didn't really ask them if they wanted us to contact them and if they wanted the newsletter. We are planning to first contact them and ask them if they wish for us to keep them up to date via newsletter. Is this compliant with EU GDPR and is it legal within the EU?

  • How do I ensure that I am GDP compliant?

    I am an independent consultant based in Germany. I want to send Cold Emails to potential individuals /clients in Europe. How do I ensure that I am GDP compliant?

  • Disclosing identity of user in a copyright infringement proceeding

    Can an establishment which is based our of EU but is GDPR complaint (since it has EU customers on its website), can be asked by a court of law outside EU and its home country to disclose the identity of the user in a copyright infringement proceeding

  • Cold calling via e-mail to website visitors or potential customers with a presumed interest

    We are a small software development company. In order to generate new leads, the current procedure is to research new customers that are interested in the company on the Internet. In other words, if we see that the researched company has vacancies in software development or the company was on our website, we will write to them and draw their attention to our services or, in some cases, offer a conversation. In order to reach the target person, the direct email is often sent instead of the company email (info @ ..).

    Our question to you now: If someone is of interest to us and we can assume a presumed interest, can we contact these people directly via email and present our services? Are we allowed to cold-call website visitors or potential new customers via email if we see on their homepage that they have vacancies in software development and that our services would be advantageous here?

    I look forward to your feedback!

  • Transfer to controllers or Processors - which one to use?

    We are the software developing company and wanted to fill out the SCCA
    Which one do we need to use? Transfer to controllers or Processors? We would be transferring the information to our contractor software company in India from the USA

  • Implementing EU GDPR in a small company

    1. How can a small (1-2 person) company correctly implement the GDPR?

    2. Also, what tools are available for a Marketing agency to provide its clients with GDPR implementation?
Page 23 of 96 pages