Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Article 37 – Designation of the data protection officer
Hello. It written in Article 37 that "the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or the core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10." Do you have any suggestion about the large scale ? How to estimate my data that it is in large scale ? BR, Alex -
Taking consent from a subject
I have a confusion about taking consent from a subject (affiliate & Partner). We are an organisation who search affiliate and partner on collected from internet and send the lead generation email to make them our affiliate and partner for the business. Taking consent before sending lead generation email is required in this case or we can send initial email (lead generation) keeping opt out option in email is enough. -
Code of Ethics
Why there is no "code of ethics" document included in the GDPR Kit? -
Data Sharing vs Data Processing agreements
What is the difference between Data Sharing Agreements and Data Processing Agreements. Is it a breach of GDPR to not have both? -
Standard Contractual Clauses Annexes
Thank you for the Standard Contract, does the document cover both Controller to Controller and also Controller to Processor transfers or is there another download I need to get please? -
Cross border data transfer
In case you have a development team in Manilla (Philippines) working on Servers that are in the Amazon Cloud in Europe (Ireland) , is this subject of transfer to “outside Europe” countries from GDPR point of view or can I assume this is Europe (so GDPR applicable as it was in Europe)? -
Data processing agreement
1. Am I right in thinking we can use the Supplier Data Processing Agreement in the toolkit (A.15.2) to send to our corporate clients instead or should we wait until they issue their own version to us? -
Contractual clauses for sub-processors
Are there standard contractual clauses for sub-processors? -
Third Party Management
Wondering if you had any information on Third Party Management regarding specifically - Joint Controller Agreements? Templates or specific information? -
Unsubscribe or delete
When we email people on our list who live in an EU country and ask them if they want to stay on our list, do we have to unsubscribe or delete them from our system if they do not respond?