EU GDPR and data processor
1. it better if a company contracts to me as a person, me as a contractor, or my company if passing me data? I want to offer interview coaching to job applicants for free, and only ask that they donate to charity in return.
2. The recruitment firm I'm talking to is hesitant because of GDPR. How can I best allay their concerns?
In which of our offices to start with the implementation of EU GDPR
We have operations in several countries in the EU - can we first start with our main office?
Enforcing GDPR in the United States
Who enforces GDPR in the United States? In other words, what entity is responsible for regulatory oversight in the United States in the context of Regulation (EU) 2016/679?
Our company needs to send some health information about the people using our devices to the ministry of health.
- Do we need to get the consent before?
- Are we allowed to keep copies of their ID cards?
- Are there any security requirements on how to protect health data?
- We are sending some health data but only non aggregated/statistical data to some of our producers that are outside the EU are there any specific thing we need to do?
IT staff and DPO availability
If the core IT staff or DPO are not available due to being on holiday, do you think its best to go with a 3rd party (although they could lack specific knowledge of the systems) to fill the gaps or just deal with it inhouse?
Standard contractual clause and Data processing agreement difference
Can you please tell me if there’s a difference between a “standard contractual clause” and a “data processing agreement” under the GDPR?
EU GDPR applicability
I am new to the GDPR and I have some questions for you:
- Is the GDPR applicable only to companies or private persons as well?
- Do I need to have an inventory of activities that I do?
- Can I use GPS to monitor my sales agents?
- Do I need the consent from my sales agents?
BCR, DPO and judicial data
I have some questions for you if you can help.
- Can you please explain a bit if having BCRs in place we will be compliant with the GDPR?
- Are any specific requirements on how to process data about the health of our contractors?
- How about judicial data? We are required to ask for the criminal record of the crew before hiring them.
- Do we need to have a data protection officer?
- Do we need to register as processing health and judicial data?
Processing biometric data
I am working on a Facial Recognition based Loyalty Program in food and retail outlets.
I have a very tight budget and I would very much not like to get sued by people when I capture their biometric data!
Therefore, I would like to get some advise on how to formulate a good GDPR compliant 'terms and conditions page' for a new user when he/ she registers to use my product for the first time.
All policies in place
Once I have amended these policies provided on in the Toolkit, What do we as an organization do after this?
Do I just file and keep them as a record that we do have all the necessary Policies in place and are compliant?