EU GDPR - Expert Advice Community



Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • Personal Data Protection Policy

    Hello, I am looking for the Article in GDPR, where it is defined, that a documented Personal Data Protection Policy is mandatory to be compliant. Advisera is referring to Article 24. Isn't a documented DPIA sufficient?

  • Migrated mailbox and keeping the copy of the mailbox

    I am writing to you regarding mailbox migration and keeping the copy for later.
    Is it allowed by ISO and GDPR?


    Hi help me please,
    Do you know who to contact to request for SAR under GDPR from Google UK?

  • DPIA for COVID-19 Remote Work Environment

    We are existing customer with GDPR DPO Certification & GDPR/ISO 27000 Toolkit --> Question: Is there any documentation on how to perform DPIA for home workers during COVID-19 pandemic?

  • GDPR applicability in the UK

    Does that mean since UK is no longer under EU, that means GDPR does not apply to them anymore?

  • Data protection and using WhatsApp

    I work for a mental health charity. My staff are now working from home. Can you give me any guidance on what I should be advising? Also is it safe for staff to communicate with clients via WhatsApp?

  • EU GDPR DPO Course - Retention Schedule - Module 4

    For a data retention schedule, is the presenter saying that the plan may include archival of data "in-line with specifications" or that, as an example, in line specifications may be archived. If so, can you define "in-line specifications"?

  • GDPR and the relation whit CCPA

    I need some advice on how to manage both CCPA and GDPR.

  • Employment matter

    I am a Social Worker working in a local authority through a recruitment agency. When I got a pay increase my recruitment agency did not make me aware of this. Given that they refused to provide the evidence as to when my pay rate was increased, I requested for access to records. My agency refused to provide this. I decided to change to a different agency. The middleman between my agency and the Local Authority I worked with said that they cannot allow me to change to another agency because my recruitment agency has not breached my employment right. I would like to know if the middleman is right or whether my recruitment agency has breached any law. Has my agency breached right to access under GDPR

  • Purpose of a company´s Data Protection Policy

    Which of the following is the purpose of a company´s Data Protection Policy?

    1. A Data Protection Policy allows the company to guide its employees on key aspects of GDPR that are applicable to the company.
    2. A Data Protection Policy allows the company to demonstrate transparency towards its clients.
    3. A Data Protection Policy allows the company to formulate data protection principles in line with the GDPR.
    4. All of the above.

    I picked the ‘first answer’ during the exam because as stated in the course material practice exam p.64 ‘A Data Protection Policy is defined by the company to provide its employees with a relevant interpretation of GDPR in the context of the company’. The second answers ‘demonstrate transparency towards its clients’ is incorrect because Data Protection Policy is an internal document (course material p.62) and demonstrate transparency towards its client is the purpose of Privacy Notice (course material Module 3 p.17) not Data Protection Policy. The third answer is somewhat correct according to course material p.62 but not totally as the company is not formulating new principles in line with GDPR, it is applying already existed GDPR principles (requirements) to the company’s processing activities. But again there wasn’t an option in the exam for me to pick 2 right answers.

    Could you please confirm the intent of this question? Or if it was a technical error on the exam question setup to pick more than 1 answer?

Page 8 of 75 pages