EU GDPR - Expert Advice Community

Home / EU GDPR

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 ISO 9001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS Internal Audit register of requirements Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Certification ISO27001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • In which of our offices to start with the implementation of EU GDPR

    We have operations in several countries in the EU - can we first start with our main office?

  • Enforcing GDPR in the United States

    Who enforces GDPR in the United States? In other words, what entity is responsible for regulatory oversight in the United States in the context of Regulation (EU) 2016/679?

  • Health information

    Our company needs to send some health information about the people using our devices to the ministry of health.
    1. Do we need to get the consent before?
    2. Are we allowed to keep copies of their ID cards?
    3. Are there any security requirements on how to protect health data?
    4. We are sending some health data but only non aggregated/statistical data to some of our producers that are outside the EU are there any specific thing we need to do?

  • IT staff and DPO availability

    If the core IT staff or DPO are not available due to being on holiday, do you think its best to go with a 3rd party (although they could lack specific knowledge of the systems) to fill the gaps or just deal with it inhouse?

  • Standard contractual clause and Data processing agreement difference

    Can you please tell me if there’s a difference between a “standard contractual clause” and a “data processing agreement” under the GDPR?

  • EU GDPR applicability

    I am new to the GDPR and I have some questions for you:
    1. Is the GDPR applicable only to companies or private persons as well?
    2. Where do I need to publish my privacy policy?
    3. Do I need to have an inventory of activities that I do?
    4. Can I use GPS to monitor my sales agents?
    5. Do I need the consent from my sales agents?

  • BCR, DPO and judicial data

    I have some questions for you if you can help.
    1. Can you please explain a bit if having BCRs in place we will be compliant with the GDPR?
    2. Are any specific requirements on how to process data about the health of our contractors?
    3. How about judicial data? We are required to ask for the criminal record of the crew before hiring them.
    4. Do we need to have a data protection officer?
    5. Do we need to register as processing health and judicial data?

  • Processing biometric data

    I am working on a Facial Recognition based Loyalty Program in food and retail outlets.

    I have a very tight budget and I would very much not like to get sued by people when I capture their biometric data!

    Therefore, I would like to get some advise on how to formulate a good GDPR compliant 'terms and conditions page' for a new user when he/ she registers to use my product for the first time.

  • All policies in place

    Once I have amended these policies provided on in the Toolkit, What do we as an organization do after this? Do I just file and keep them as a record that we do have all the necessary Policies in place and are compliant?

  • Data transfer and data access

    May I please ask you whether data transfer and data access are the same things due to GDPR?
Page 39 of 97 pages