Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Marketing activities and GDPR
I propose a case to understand how to move. I am a small hotel in the fair area, I would like to send a simple presentation email to the participants at the fair, retrieving the general emails (info @) from the fair site. I would simply like to present my hotel with a link to my site. Can I send the communication or do I have to have consent before? -
GDPR and company size
Hi, we are a company of 5 people that deals with electronic design and software for third parties; the site does not collect any kind of information but only acts as a showcase. From what I understand we do not have any kind of obligation because the data we manage are those of customers / suppliers and the payroll envelopes are managed by an external company. Correct? Do we have to do some sort of document or have the letters of assignment signed by those who manage the paychecks and the accountant? -
Transfer of data
1. We are an outsourcing company and handle multiple clients. The clients are the data controllers and we are the processor. For one of our clients, we send their data outside the EU (India). This is a requirement for us to do and is set out in our work contract. Am I correct in saying that all we need to be able to do this is prior written consent from the controller in the agreed contract? i.e there is no need for us to have third-country clauses? -
GDPR and hosting events
1. I am developing an event website and my main question is about posting the events. Is it considered public information the name, time and prices of those events posted on the bars, clubs and venue's website? -
Medical data and GDPR
1. Does the GDPR restrict hospitals in any way from encrypting and sending their patient data to a third party? -
EU GDPR and doctors
1. We consult a local hospital regarding issues pertaining to GDPR. Does the hospital administration need to sign a confidentiality agreement with the doctors? Or theoretically, doctors are covered by their code of ethics? -
Gateway payment provider
1. I'm confused as to why gateway payment providers are considered controllers since they need to process our customer's data by sending the invoices to them? -
Supervisory authority and extra-territorial provisions
Let's imagine that there is a company outside of EU, who offers products and services for EU customers. Of course, this company needs to comply with GDPR. But what happens if this company decides not to comply with GDPR? How can Supervisor Authorities act in this context? -
GDPR officer
Should a GDPR officer have a legal background? -
GDPR & Brexit
GDPR & Brexit - What will this look like?