SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
GDPR implications
We are commercial real estate lenders and sell loans to our parent bank in Germany which we later service using a master service and support risk assessment using reporting tools. The personal data for these loans is all originally collected in the U.S. and might include a list of building tenants (generally corporate but also some apartment tenants) , financial information of guarantors to the loans and contact information of people that played a role in the loan (client, law firms, property appraisers, title companies etc.) Is this something that has GDPR implications if teh data is all sourced originally from the U.S. ? -
Code of conduct
Is there a code of conduct within the GDPR toolkit? -
GDPR Legitimate Interest Assessment
I'm wondering where can I find a GDPR Legitimate Interest Assessment on my GDPR Toolkit? I've checked but I couldn't find anything similar, I've been told this should be done as part of the new GDPR regulation. Also, is a "Privacy Statement" the same as a " Privacy Notice" or these are 2 different documents?" -
Collecting CVs
1. We collect CVs from our employees from EU. We have data subject consent form from them. We may provide these CVs to our clients in different countries inside and outside of the EU for approval. Which document should we sign with clients? -
GDPR in education sector
We have a customer who is in education sector whose head Office is based outside the EU, but have schools in many non-EU countries and in the UK, Germany, and Romania. our questions are: -
Hosting the data
Hi, we are launching a metasearch platform(hotel bookings) and will not be processing any personal information at this stage apart from location cookies at the time of users access our website, however we do have emails from Business to Business, can you advise apart from email hosting company what other aspects we will need to be aware of to comply with GDPR, that may including webhosting or Email hosting client that we use. Any suggestions will be appreciated. -
Email disclaimer
1. I have a question regarding the Email disclaimer. I can find any information, which information should be included in the email signature/disclaimer? -
Are we a data processor or controller?
My company rents out office space and meeting rooms to other organisations. So those organisation are our customers with whom we have a contractual relationship. As part of the office space rental, the staff at the organisations can book meeting rooms. This means that we process the name, contact email and organisation name so that we know who is renting office space, who to bill, and who can book meeting rooms. In this situation, are we a controller or a processor? Should we be signing a data processing addendum? -
Marketing emails
1. Can I send a message via email to customer that did not finish placing their order (so they added an item/items to the basket and did not go forward)? -
DPIA Register template
1. Can the DPIA Register (05.2) template be used as it is or it needs to be edited to fit our business?