EU GDPR - Expert Advice Community

Exceptions in the application of the EU GDPR

GDPR data in Microsoft office

what are your thoughts about GDPR data in Microsoft office (onedrive, SharePoint, azure)? is it acceptable ?

Asking for subscription consent with first newsletter

We are planning to send out a newsletter and we have a lot of contacts and we want to keep them up to date. We didn't really ask them if they wanted us to contact them and if they wanted the newsletter. We are planning to first contact them and ask them if they wish for us to keep them up to date via newsletter. Is this compliant with EU GDPR and is it legal within the EU?

How do I ensure that I am GDP compliant?

I am an independent consultant based in Germany. I want to send Cold Emails to potential individuals /clients in Europe. How do I ensure that I am GDP compliant?

Disclosing identity of user in a copyright infringement proceeding

Can an establishment which is based our of EU but is GDPR complaint (since it has EU customers on its website), can be asked by a court of law outside EU and its home country to disclose the identity of the user in a copyright infringement proceeding

Cold calling via e-mail to website visitors or potential customers with a presumed interest

We are a small software development company. In order to generate new leads, the current procedure is to research new customers that are interested in the company on the Internet. In other words, if we see that the researched company has vacancies in software development or the company was on our website, we will write to them and draw their attention to our services or, in some cases, offer a conversation. In order to reach the target person, the direct email is often sent instead of the company email (info @ ..).

Our question to you now: If someone is of interest to us and we can assume a presumed interest, can we contact these people directly via email and present our services? Are we allowed to cold-call website visitors or potential new customers via email if we see on their homepage that they have vacancies in software development and that our services would be advantageous here?

I look forward to your feedback!

Transfer to controllers or Processors - which one to use?

We are the software developing company and wanted to fill out the SCCA
Which one do we need to use? Transfer to controllers or Processors? We would be transferring the information to our contractor software company in India from the USA

Implementing EU GDPR in a small company

1. How can a small (1-2 person) company correctly implement the GDPR?

2. Also, what tools are available for a Marketing agency to provide its clients with GDPR implementation?

Appointing the manager of the institution's website

Salve, Il dirigente scolastico ha l'obbligo di nominare il gestore del sito web dell'istituto (azienda esterna), responsabile per il tratamento dati ? Segnalo che il sito web non memorizza informazioni, non vi sono form, tratta i classici cookies e l'albo pretorio, quest'ultimo contiene informazioni di carattere pubblico. Grazie!!!

What should I do to be compliant?

I haven’t contacted you for a long time. I’m very happy to complete the basic framework of the company’s GPDR in 2019 with your help, but now there is a problem, as you know, that is: "On July 16, 2020, the Court of Justice of the European Union issued a judgment declaring as “invalid” the European Commission's Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-US Privacy Shield”.

Our current situation is:

We are always certified under EU-US privacy shield so we declare on our website that it complies with GDPR, but it is invalid now..In this case, what should I do to be compliant, in addition, we have no office in EU, just between China and USA we use standard clauses to do transfer between China and USA .