Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Non-EU medical services providers and the GDPR
Are medical offices in the United States are affected by the new rulings? We have patients that are in the EU that we email, but come to the United States for their treatment. -
Privacy Shield
I would like to know the latest on Privacy Shield. I am aware that there was talk to suspend it as it doesn't provide adequate level of protection required by Union data protection law and the EU charter by September 1st. Is this still the case? Has Privacy Shield been suspended? -
GDPR between two telecommunication companies
Is it obligatory condition to sign GDPR Agreement between telecom companies that cooperate? Or it depends on parties' desire and is it sufficient just to comply with GDPR terms and conditions? -
Personal data
In case of wholesale VoIP carrier activity, the only information about a caller is just a phone number without any connection and links to any personal data (like name, home address, gender, etc). In this case, it is difficult to say that having just a number is a personal data, because no person may be identified by the carrier by the number. From my point of view, just a number (without any other information that helps to identify the personality) may be considered by an intermediate wholesale VoIP traffic carrier mostly as a metadata than a personal data, and such data does not fall under GDPR rules. Am I right in my suggestions? -
Can data processor delete personal data?
If Data subject asks me (Data Processor) for deleting his personal data that are stored on controller side may I do it for this Data subject or I need to send the request to the Data controller or I need to advise Data subject to contact his Data controller? -
Opt-in email marketing
Suppose the company's' "A" marketing person has got to know email id of a person of another company "B", from some public domain source, and the company "A", wants to connect for direct marketing, what are all the steps this company "A" needs to follow , can we send an email to opt -in, do we have the right to send opt in email to any such email id available in public domain? -
Assessing the severity of personal data breaches according to GDPR
I have a specific question regarding formula SE = DPC x EI + CB, more precise on how to evaluate DPC. -
PayPal and GDPR
I have PayPal account that was on limited state (meaning I can no longer use it like send or transfer funds). I tried to close it on my end but their system isn't allowing me to do so. -
Data controller or data processor
In which document do you specify if you are the data controller or data processor? -
Cross border processing
Document 04.2 paragraph deals with establishing a lead supervisory authority. If a client from another country uses our server that is located in the Netherlands (in a facility of our supplier) to run the software they have a subscription for from us, that can be deemed a processing activity because the database contains personnel and clients (of clients) data. We do not manipulate data other than updating our software.