Get 2 Documentation Toolkits for the price of 1
Limited-time offer – ends March 28, 2024

EU GDPR - Expert Advice Community

Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • The treatment register

    I find myself mainly in the situation of having showcase sites. Some of them have only one contact form, others only have anonymous google analytics cookies. In other cases I have showcase sites made for example with cms like WordPress or Joomla and have only the technical cookies necessary for the site and that do not collect personal data. In which cases do I have to draw up the treatment register and draw up the information for the person concerned?
  • Data Subject Access Request Procedure

    Just wanted to ask, if in the Advisera documentation there is any document discussing the ‘Right to be forgotten’?
  • EU GDPR

    Does the storage of customer master data (name, telephone, e-mail, address) in the address book of Apple and its synchronization via iCloud already count as the transmission of data to third countries? When using iCloud, do you have to take special precautions in this case, or should I completely discourage using I Synchronization?
  • Transmission of data to third countries

    Does the storage of customer master data (name, telephone, e-mail, address) in the address book of Apple and its synchronization via iCloud already count as the transmission of data to third countries? When using iCloud, do you have to take special precautions in this case, or should I completely discourage using I Synchronization?
  • Signing DPA with large companies

    Do we need a signed contract and DPA with large companies like Microsoft?
  • IT Provider

    We use an IT service provider X (they are our data processors). Provider X sub-contracts out to Company Y. We pay Provider X for the services of Company Y. Does that mean we need a data processor agreement only with Provder X or also with Company Y ? Our IT Service Provider X has said that we must sign a separate agreement with company Y (also they haven't listed Company Y on DPA as sub-processors) .Should we have a signed agreement with Provider X sub-contractor Y ?
  • GDPR Types of data

    I am drafting a Data transfer agreement in compliance with GDPR requirements and I would like to know whether I need to list the types of data that is being transferred in the agreement and if so what level of detail is required?
  • Article 37 – Designation of the data protection officer

    Hello. It written in Article 37 that "the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or the core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10." Do you have any suggestion about the large scale ? How to estimate my data that it is in large scale ? BR, Alex
  • Taking consent from a subject

    I have a confusion about taking consent from a subject (affiliate & Partner). We are an organisation who search affiliate and partner on collected from internet and send the lead generation email to make them our affiliate and partner for the business. Taking consent before sending lead generation email is required in this case or we can send initial email (lead generation) keeping opt out option in email is enough.
  • Code of Ethics

    Why there is no "code of ethics" document included in the GDPR Kit?
Page 74 of 97 pages