EU GDPR - Expert Advice Community

Home / EU GDPR

Discussions

Top Contributors

Expert

Rhand Leal

4148
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 ISO 9001 Risk Assessment Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Certification ISO 14001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • GDPR and the relation whit CCPA

    I need some advice on how to manage both CCPA and GDPR.

  • Employment matter

    I am a Social Worker working in a local authority through a recruitment agency. When I got a pay increase my recruitment agency did not make me aware of this. Given that they refused to provide the evidence as to when my pay rate was increased, I requested for access to records. My agency refused to provide this. I decided to change to a different agency. The middleman between my agency and the Local Authority I worked with said that they cannot allow me to change to another agency because my recruitment agency has not breached my employment right. I would like to know if the middleman is right or whether my recruitment agency has breached any law. Has my agency breached right to access under GDPR

  • Purpose of a company´s Data Protection Policy

    Which of the following is the purpose of a company´s Data Protection Policy?

    1. A Data Protection Policy allows the company to guide its employees on key aspects of GDPR that are applicable to the company.
    2. A Data Protection Policy allows the company to demonstrate transparency towards its clients.
    3. A Data Protection Policy allows the company to formulate data protection principles in line with the GDPR.
    4. All of the above.


    I picked the ‘first answer’ during the exam because as stated in the course material practice exam p.64 ‘A Data Protection Policy is defined by the company to provide its employees with a relevant interpretation of GDPR in the context of the company’. The second answers ‘demonstrate transparency towards its clients’ is incorrect because Data Protection Policy is an internal document (course material p.62) and demonstrate transparency towards its client is the purpose of Privacy Notice (course material Module 3 p.17) not Data Protection Policy. The third answer is somewhat correct according to course material p.62 but not totally as the company is not formulating new principles in line with GDPR, it is applying already existed GDPR principles (requirements) to the company’s processing activities. But again there wasn’t an option in the exam for me to pick 2 right answers.

    Could you please confirm the intent of this question? Or if it was a technical error on the exam question setup to pick more than 1 answer?

  • Legal basis and contracts

    Do I require to make consent forms if I'm working on a contractual legal basis?

  • Data deletion request

    I have a question regarding a data deletion request -  once we delete all the data do we need to inform the data subject that the deletion has been done? Is there an official form that we need to send the data subject? Or anything we should do or be aware of?

  • GDPR in software development and blockchain

    We are developing a mobile app where we scan documents, ask for data in forms and use blockchain.

    We want to make sure we comply with GDPR. Especially around:
    -data retention, is hashing data enough?
    -anonymized vs pseudonymized. Are we understanding it correctly?
    -data access by personell. Is it ok that developers and database admin can see some of the data
    -how to know when data is misused, mis-accessed, or breached
    -are we a data processor or controller?

  • Encrypting customer data

    "I want to understand if as per GDPR compliance if we need to encrypt customer data while storing in Database?

  • Data capture

    My boss wants me to send an introduction email to try and secure more business from a list of emails the sales team have given him but I have told him we cannot send an email campaign without getting proven opt in from them. Am I correct?

  • House Planning Application

    My partner and I have employed a company to prepare and submit a planning application for a house here in ***. This company completed the process and the application was refused. This company is now trying to get the decision overturned by seeking a ruling from what's known as a board ***. The correspondence to a board *** and the company has taken place behind close doors and the company is withholding the information from us. What rights do we have seen how this company would have used or personal information to correspond with a board ***.

  • GDPR Articles for the recruitment

    I was looking for articles that would be simpler than the original but have the exact same meaning.
    Could you help me to get the right articles used for the Recruitment?
    I mean, what would be the relevant articles that would be applicable to the recruitment team?"
    I am currently working on preparing checking list for the recruitment team
    So, it would be helpful if I could be help with that regard
    Could you also help me with GDPR Articles for the recruitment team
Page 31 of 97 pages