Get a 20% discount on the first year of the Company Training Academy annual plan.
Limited-time offer – ends April 24, 2025
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Data subject rights under the EU GDPR
A company published some of my photos on social network without my written consent and refuse to delete those photos. Could you please kindly advise? -
Data subject
A customer registers an account on our website with his company email address or not personal email address, as this customer left this company, then this company wants to delete this account on our company website, the company cannot find this data subject, so the subject data cannot authorize the representative to execute to delete this account. how to process it? -
Processing special categories of data
Are HR records which are taken as part of the Employment process which has special categories of data need to have explicit consent? How can we address this requirement? -
Controller and processor obligations
In a case in which the controller received from a data subject a request for erasure and then the controller forward this request to the processor, what the processor should do? In case the processor will refuse to delete the personal, what are the consequences? Many thanks in advance. -
Territorial scope of the GDPR
I have a simple but also important question to you. What's the exactly territorial scope of the GDPR? Should we also consider about the case called Google Spain (the application of the right to be forgotten) under the directive 95/46/EC? Could you please explain the territorial scope of the GDPR in case that there should not be a mistake by determining it? I will be really glad if you help me. -
EU GDPR and volunteers
1. We purchased your GDPR toolkit some time ago. We are an international non-profit membership organization with paid staff and volunteers. I have a somewhat unique situation that I'm not sure which documents in the toolkit to utilize for this situation. The main office of our organization is headquartered in the United States. We have various special interest groups located in different countries, including the EU region. The special interest groups are ran by volunteers and are a branch of the main office. Are we able to transfer data of our members to our volunteers in the region so that they can contact them directly about events? -
DPO role
I am currently working as a CISO in a small organization. Can I play the role of both the DPO and CISO ? Do I need to be formally trained in GDPR to play the role of DPO? -
Marketing emails and EU GDPR
We have built an email marketing list at my company, we haven't emailed them before. Are we allowed to email them to ask if they want to receive marketing emails from us? -
Marketing activities and GDPR
I propose a case to understand how to move. I am a small hotel in the fair area, I would like to send a simple presentation email to the participants at the fair, retrieving the general emails (info @) from the fair site. I would simply like to present my hotel with a link to my site. Can I send the communication or do I have to have consent before? -
GDPR and company size
Hi, we are a company of 5 people that deals with electronic design and software for third parties; the site does not collect any kind of information but only acts as a showcase. From what I understand we do not have any kind of obligation because the data we manage are those of customers / suppliers and the payroll envelopes are managed by an external company. Correct? Do we have to do some sort of document or have the letters of assignment signed by those who manage the paychecks and the accountant?