EU GDPR - Expert Advice Community

Home / EU GDPR

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 ISO 9001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS Internal Audit register of requirements Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Certification ISO27001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Data capture

    My boss wants me to send an introduction email to try and secure more business from a list of emails the sales team have given him but I have told him we cannot send an email campaign without getting proven opt in from them. Am I correct?

  • House Planning Application

    My partner and I have employed a company to prepare and submit a planning application for a house here in ***. This company completed the process and the application was refused. This company is now trying to get the decision overturned by seeking a ruling from what's known as a board ***. The correspondence to a board *** and the company has taken place behind close doors and the company is withholding the information from us. What rights do we have seen how this company would have used or personal information to correspond with a board ***.

  • GDPR Articles for the recruitment

    I was looking for articles that would be simpler than the original but have the exact same meaning.
    Could you help me to get the right articles used for the Recruitment?
    I mean, what would be the relevant articles that would be applicable to the recruitment team?"
    I am currently working on preparing checking list for the recruitment team
    So, it would be helpful if I could be help with that regard
    Could you also help me with GDPR Articles for the recruitment team

  • Article 12 (3) general data protection

    I would like to inquire the reasons why a time extension is required so that I can have access to my information for 3 months. I requested to view my records as a matter of urgency and understood this would take a month. Now it will take until 17th May 2020. Thank you for your help.

  • EU GDPR Data

    Hi. What are the obligations for an entity given the regulations under GDPR with regard to:

    • Usage, Collection, Processing, and Storage of CCTV Data
    • Collection, Processing, and Storage of Biometric Data

  • Data Processing Agreement

    I have a question about GDPR I hope you can help with.
    We have some customers (data controllers) for which we are processing data, however, we have no Data Processing Agreement in place with the customer.
    Is it our responsibility to approach the customer who is the data controller to ensure a DPA is in place and, if so, what is the best way to approach this?

  • Data Protection Regulations

    The Data Protection (Charges and Information) Regulations 2018 requires every organisation or sole trader who processes personal information to pay a data protection fee to the ICO, unless they are exempt.

    And the following comes up on the self assessment section to determine exemption status:
    Answer ‘Yes’ if your organisation was established for not-for-profit making purposes and does not make a profit. Also answer ‘yes’ if your organisation makes a profit for its own purposes, as long as the profit is not used to enrich others. You must:

    • only process information necessary to establish or maintain membership or support
    • only process information necessary to provide or administer activities for people who are members of the organization or have regular contact with it;
    • you only hold information about individuals whose data you need to process for this exempt purpose
    • the personal data you process is restricted to personal information that is necessary for this exempt purpose

    Can the word 'support' where it appears in the first bullet point above cover the situation where Charity A refers a person not otherwise known to Charity B for support. If so, how is the situation affected by the second bullet point?

  • Transferring data between two databases in two different companies.

    I own an IT Consultancy. We have been asked to migrate some data that we think is in XYZ to a company in XYZ. How would it work regarding the GDPR? Normally before GDPR, we would have asked them to export the data in a machine-readable format, if it was a different database, upload it to a storage account and then we would read it using whatever data up load upload tools we had on back into the database. Now with GDPR, I'm not so sure. Obviously it would be encrypted upfront, and we would agree a delivery method for the password. How would it work in this instance with GDPR in place?

  • DPO role

    Does the DPO for a US company processing EU subject data have to be located in the EU?  Or can the DPO be the US company’s privacy officer? And when does the DPO have to register in the EU?

  • Data usage

    I asked for my employer to cover the cost of an excursion and then I was accused of the exact number of days I was sick over 2.5 years and sent to three other people in the company. Question: Can he use this data at all to answer this request?
    And who can get these sick days communicated?
Page 32 of 97 pages