Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Documentation templates for GDPR and ISO 27001
We note that the information is for company internal and not for commercial use. We are interested in the specifics of that - we want to be compliant and may need to demonstrate this to some of our customers, and some of the documents such as the supplier data processing agreements need to be shared and signed by suppliers to be valid. Quite a few other documents are to inform customers/suppliers. Further, it is normal practice for companies to place their privacy policy on their website - would this count as a breach? -
Mailing list and GDPR
I have a customer that uses mailing lists acquired from mailing list brokers, public domain lists and published books with contact details. The company has a database of approximately 10,000 email contacts of which 6,000 are current customers with active engagement. -
Facebook Marketing
I have a small company that deals with the sale of T-shirts. I use Facebook Marketing. The following looks like this: -
Payments
Working on a data process audit and if there is any info on how best to record and justify taking payments of different types - card/cash/cheque/PayPal that would be really helpful and what is the legal basis under GDPR for taking credit card payments? -
Data transfer outside of the European Union
1: Which country is considered as a safe place to transfer information to according GDPR? USA, China, India, Russia. -
Transfer of the personal data
We are a company offering training courses. One of our clients is based in the Middle East. One of our trainers goes to the middle east to deliver training to people who reside in countries outside of the EU. Our trainer collects their names in order to produce their training certificates back in the UK. How does transfer of their personal data to the EU relate to GDPR given that they do not reside in the EU, and collection of the data is outside the EU? -
Disposal of Commercial Shredded Paper
We have Sales Representatives all over the country that work from home. We would like to know if they can shred customer sensitive related paperwork at home and put it in the domestic waste? -
Threshold questionnaire
In the toolkit and in the course is mentioned the "Threshold questionnaire" (Data Protection Impact Assessment Methodology - 5.2). Where can I find it? Is it part of the documentation?" -
Data Processing Agreement and Data Processing Addendum
Dear Sir, We usually have our on bilateral commercial agreement with our service provider/partner/supplier. After the implementation of the GDPR, we need to issue another Data Processing Addendum to our partner/supplier. How about the agreement sign after the 25 of May 2018 onward? Do we still need to sign a commercial agreement + Data Processing Addendum? or just All in One agreement with our partner/supplier/service provider? what is the different between Data Processing Agreement and Data Processing Addendum? Please advise. Thanks! -
Adapting documentation language
We have companies in multiple EU countries, ex Belgium, Nederlands, Romania. Do we need the templates in each countries language or we can use the EN language?