EU GDPR - Expert Advice Community

GDPR applicability

1. As a software company do we need to comply whit the provisions of Art. 30 of the GDPR?
2. Do we need to perform DPIA for all the processing activities? Are there any criteria to be considered?
3. How do we manage marketing communications? Are we required to obtain consent?
4. Are there any specific requirements for software development?
5. How about websites? Any advice on how to make a website compliant?

EU GDPR Inventories

1. Can you please suggest what would be the best way to start with that?
2. What information do we need to include in our Inventory?
3. How much time do you think it will take to implement the basics?
4. Is there a list of documents which are mandatory?
5. Do you think we need to have a DPO?

Questions regarding EU GDPR

1. If I have multiple subsidiaries in more than one EU country, do I need to appoint a Lead Supervisory Authority?
2. Do I need to register in all EU countries where the subsidiaries are located?
3. Can I appoint just one DPO for all of the subsidiaries or I would need one in each country?
4. Based on your experience how much time and resources are needed to become compliant whit the GDPR?

GDPR and security measures

Is it allowed, according to DSGVO, to send pay slips by mail internally in the company? Or has to be e.g. to be encrypted with Winrar?

Background report

We have an EEA-based person we recently extended a job offer to and whom has asked for a copy of their background report – we obtain background reports from a company who processes information at our request.

What are the next steps for us?

What is the full process?

EU GDPR and Personal Data Processing

1. Who is responsible for the personal data which is processed with a third company (like a booking or a paying system)?
2. If the Company can access the data (by e-mail, online account, etc,...) but doesn't hold those data?

Personal data processing and Privacy statement

1. I have a question about the example they have describe as ABC company and XYZ company- When the XYZ company is going to process my personal data for billing purpose- what rights I have against XYZ company and how can I prevent from using personal data. I feel if it is part of contract then my consent is not required. If they have not mentioned about XYZ company then how can I limit the ABC from Processing my personal data?
2. Does privacy statement on the website can carry sufficient and common information to all of its customers?

GDPR topics

1. Is the GDPR applicable for individuals as well as companies?
2. If I am an individual booking safari trips for European customers is the GDPR applicable?
3. Is social security number or similar considered personal data?
4. Is it legal to require copies of passports to the tourists?

Condominium administrator

I own a home. The administrator yesterday informed us that for the adaptation to the GDPR every administrator and every tenant and / or owner must attend a course for EVERY condominium administered. (repetita iuvant?) I believe, but I am not very expert in this area, that the certification for the administrator is a binding condition for the performance of the professional activity. Among other things, the administrator tells us that the cost is borne by the tenants/owners. Can you please give me some explanations?

Questions regarding GDPR

1. Is the GDPR applicable to the clinic if we have EU customers?
2. We ask for some information form possible patients details about their health conditions and allergies. Is there any specific conditions to comply with?
3. Do we need a DPO?
4. Do we need to ask for consent before asking the health data?
5. We have a contract with a hotel where we keep the patients after the procedure. We send them the names of the patients to the hotel. Do we need to do something?
6. How much would it take to be compliant with GDPR?