Get a 20% discount on the first year of the Company Training Academy annual plan.
Limited-time offer – ends April 24, 2025
Use promo code:
CTA20

EU GDPR - Expert Advice Community

Home / EU GDPR

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit ISO 9001 Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS Internal Audit register of requirements Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Product: ISO 27001/Risk Assessment Table ISO 9001:2015 ISO27001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Required consent

    1. Is consent required from the xxx email subscribers to receive email notifications from xxx. If yes, what does the process involve? And if the organization needs the services of an attorney at law.

  • Data privacy policy and Data protection policy

    What is the difference between data privacy policy and data protection policy, does a company need both?

  • Need for DPO

    I understood that not all companies require a DPO, except for Public Authority and companies engaged in large scale processing of Personal Data. What would be considered as Large?

  • Processor/Controller

    1.It is not a processor always a supplier too and vice versa is not a supplier always a processor too. If so, when do we apply the processor agreement and when the supplier agreement?

  • GDPR component for cookie consent

    We are currently struggling with understanding the GDPR component for cookie consent. We are using cookiebot.com for the notification pop up, and there are two methods for consent - active and explicit. Explicit consent is definitely compliant, whereas active consent is a bit vague in the GDPR requirements. We are trying to understand whether active consent we can implement "when website visitors ignore the dialog, they consent to the cookies by the continued use of the website" would be compliant with the GDPR? Our pop up would state "By ignoring this consent box, you agree to the cookie collection" and would have two clear buttons - opt out from cookies and opt in.

  • GDPR for Non-governmental organization

    1. I represent an NGO based in Brussels, whose members are based outside the EEA. Does GDPR apply to our communication with them? Concretely, do we need to send them privacy notices explaining why we process their data and under which legal basis?

  • Data transfer

    Some questions that we do not get answered correctly with the help of this toolkit are the following:

  • GDPR Application in Case of EU Nationals Living Outside UAE

    We are an organization based in United Arab Emirates, to assess applicability of GDPR we have conducted a survey with our business unit and found out that we are offering services/products to EU nationals but they are not residing in EU, they are residing in UAE. In this case would the GDPR be applicable?

  • Transferring personal data

    1. We also need to use cross border agreement when using a third party supplier not established in the EU/EEA and which is not under the adequacy decision. Would it be ok to change the text in the following way processing of personal data is carried out by subsidiaries or third party suppliers of the Company which are based in other Member States;

  • Assessing data breaches

    Under GDPR I believe we are obligated to notify customers of a data breach when that breach “is likely to result in high risk to the rights and freedoms of the data subject”.
Page 60 of 97 pages