Is GDPR applicable on companies that operates outside Europe for example KSA but the company might server European citizens resides there
Data Processing Questions
Firstly, do you offer a European Representative service? If yes, can you send me details of that please?
Secondly, I would like to clarify what is required on a Data Processor’s ‘Record of processing Activities’ form? I've been told by a few sources now that I have to include every client we provide processing services to, with Company Name, contact name, contact email and phone No… is this correct? We have thousands of customers!
If I must do that, then so be it, I will do it, I would just like to confidently confirm this is what I must do.
Email Marketing GDPR
I am looking for B2B partners and was wondering if it is permissible to email them.
GDPR Scope and applicability
We are a US based very small company (4-5 employees) and provide software for collecting data related to plant performance to plants based in US and EU both.
Now the only personal data we have in our cloud (365 office and outlook) are email id's and names of the employees of EU based plant workers. In some cases we have access to their offical phone numbers.
So yes we have what can categorize as personal data. But due to the limited customer information that we have would GDPR still apply to us ? and in this case would be act as a processor or controller of PI ?
Hello, I have a quick question about video surveillance in the workplace. My employer has installed 2 cameras on the area mentioned. No information was given to the employees in advance. When I asked, I got the following answer:
"The video material is not recorded and access is password protected and is only intended to support the fire brigade in the event of a fire alarm"
Is that enough justification?
I would be very happy about a short feedback.
Doubts about ODPR or GDPR
Would you like to know if the company has the right to have a list with all the passwords of the employees to access their computers?
If somewhere in the LOPD or the RGPD, it is indicated that the Data Protection Delegate must have said list to be able to access the equipment in the case of not being an employee.
What I comment below is my thought but not knowing all the obligations of the LOPD or the RGPD
I am the IT manager of the company and it is the first time that I come across this indication in my entire professional career. Knowing computer systems, I think that this goes against any computer security scheme and protocol, so it seems strange to me that this is the case.
I also find it strange because of the following:
A multinational like Repsol, if the users have to change the password every 6 months. That you have to communicate your password to the data protection officer….
If all the companies had to have that list, as I have been told, I don't think I know if there would be any company that complied with the LOP or the RGPD
Split between EU GDPR and UK GDPR
"I am considering purchasing a pack but given the split with EU GDPR and UK GDPR, I am questioning it. I also understand that there is not a lot of change in the UK GDPR against the EU GDPR so could do slight amendments accordingly eg reference to the UK GDPR legislation, what are you thoughts?
Change of GDPR document
I need to update my original GDPR documents from 2018. Do you have a cheat list of the changes or amendments please