EU GDPR - Expert Advice Community

Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • Landbase Casino GDPR

    Hello, we are operating landbase casino in Bulgaria. We are keeping customer information at entrance of the casino, we are getting their names, surnames, ID card information with MRZ scanner, and photo. With GDPR what kind of necessary changes we need to do ? Can you please help us to understand.
  • EU GDPR Documentation Toolkit

    We are a small company offering Box Office software for cinemas, and need to put in place GDPR-compliant policies. Does the Advisera GDPR documentation toolkit specifically have a template that would work for a company like us. We are essentially a ticket agent, so we capture a minimal amount of personal information that we retain for administering the booking and answering any queries, and also pass this information to our clients for ticket collection and contacting the customers in the event of a cancellation etc. So we are a processor for our clients, whilst we are also a data controller for the small amount of information we retain?
  • GDPR and private site

    I have a newsletter managed by an external "mailant" service where users to sign up must sign a form with Acceptance of privacy information. I have a contact form where to contact me you must accept the storage and management of your data from my website and must read and accept the Privacy Policy. Are they still subject to GDPR or are they only companies?
  • GDPR Cross Border Agreement Question

    I am working on my company’s GDPR compliance documents and am using the EU GDPR toolkit to aid in this process. I have a question regarding cross-border personal data transfers. In particular, my company (as a processor) was given a cross-border agreement to sign (see attached) that we initially thought might make a good form to have our own processors sign. But, in reviewing the EU site, the Toolkit, and applicable law, it appears that you cannot modify the terms of the EU’s form agreements (Annexes 1 and 2) or they become unenforceable.
  • DPIA template

    We wish to offer our European customers (or any others) a Data Processing Agreement as we have seen other processors do for us as controllers.
  • Consent under the Data Protection Directive

    1. We have a situation where we have already existing clients that use our web platform and we want to know if we still need to make available a consent request via the web platform or email them a consent form, since we already have a signed contract with them from long ago?
  • Advice on GDPR

    I was unemployed for quite a while and received advice from the Job center but I've never heard of GDPR until today. I've only just went self employed, I am a sole trader and currently work from home, I do take Names and addresses of customers (for postage only) but not bank details or any other personal information. would these new rules be something I would need to read through and print off? or are the new rules for large companies? I don't seem to fit into any descriptions of your drop down link so I chose the last one :( I've looked at the GDPR requirements and they're so confusing I thought it best to ask a professional.
  • GDPR concern

    I'm not concerned about the security but I am concerned about the compliance of Google Suite. We use Gmail for our emails and Drive to store our documents and at the moment Google has no way of limiting our account to only using data centres in Europe. Changing to another provider is not an option. Another interesting one is an application we have that is used around the world. We have a central user database that is replicated for performance and redundancy, meaning all global users will be in a copy of the database in Europe, US and Australia. Should we stop the replication for European users to be compliant? All we're storing is full name, username, phone and email address.
  • Subject access requests

    I need to design a process/procedure for DSARs for my organisation. Could you please advise the best approach? Can i use one flow chart for all eight rights/requests?
  • GDPR - Intercom chat and Facebook Messenger

    For how long can save messages in Intercom and Facebook messenger from customers, potential customers etc. If it is only for statistical use? Should I delete them right away after I have ended a chat session or can I store them en an archive in X time?
Page 72 of 97 pages