Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Scenario 1/Scenario 2
Scenario1: We have few employees in EU and their personal data is in US servers (Our server & Paycheck processing vendor) and let us know any special consent needed? -
Legal basis
1. We use consent as lawful basis for marketing campaigns and for customer satisfaction survey. We transfer data, within the EU, to partners that provide us customer satisfaction services. But many of our clients do not complete the consent form, they only signed the form and don't tick the options and they say don't have time to do that. What other legal basis can we use to send them marketing information? -
Required consent
1. Is consent required from the xxx email subscribers to receive email notifications from xxx. If yes, what does the process involve? And if the organization needs the services of an attorney at law. -
Data privacy policy and Data protection policy
What is the difference between data privacy policy and data protection policy, does a company need both? -
Need for DPO
I understood that not all companies require a DPO, except for Public Authority and companies engaged in large scale processing of Personal Data. What would be considered as Large? -
Processor/Controller
1.It is not a processor always a supplier too and vice versa is not a supplier always a processor too. If so, when do we apply the processor agreement and when the supplier agreement? -
GDPR component for cookie consent
We are currently struggling with understanding the GDPR component for cookie consent. We are using cookiebot.com for the notification pop up, and there are two methods for consent - active and explicit. Explicit consent is definitely compliant, whereas active consent is a bit vague in the GDPR requirements. We are trying to understand whether active consent we can implement "when website visitors ignore the dialog, they consent to the cookies by the continued use of the website" would be compliant with the GDPR? Our pop up would state "By ignoring this consent box, you agree to the cookie collection" and would have two clear buttons - opt out from cookies and opt in. -
GDPR for Non-governmental organization
1. I represent an NGO based in Brussels, whose members are based outside the EEA. Does GDPR apply to our communication with them? Concretely, do we need to send them privacy notices explaining why we process their data and under which legal basis? -
Data transfer
Some questions that we do not get answered correctly with the help of this toolkit are the following: -
GDPR Application in Case of EU Nationals Living Outside UAE
We are an organization based in United Arab Emirates, to assess applicability of GDPR we have conducted a survey with our business unit and found out that we are offering services/products to EU nationals but they are not residing in EU, they are residing in UAE. In this case would the GDPR be applicable?