SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Use promo code:
SPRING30

EU GDPR - Expert Advice Community

Home / EU GDPR

Discussions

Top Contributors

Expert

Rhand Leal

4148
Discussions
Expert

Carlos Pereira da Cruz

1916
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 ISO 9001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Certification ISO 14001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Privacy by design and privacy by default

    Although I have 25 years’ experience as a consultant, trainer and auditor in the field of ISO management systems, I have thoroughly enjoyed the above webinar; very clear texts and explanations meeting my expectations! I have one question related to Privacy by design and privacy by default; this was already bothering me when I followed training regarding GDPR: although it may be my fault, it is still not yet clear what the exact difference(s) is/are between both approaches. Perhaps some example could highlight the differences.

  • Does Zoom need to be considered as a processor

    If personal data is visible during a Zoom call (e.g. a screen is shared with personal data on the screen or personal data is mentioned verbally) however personal data is not copied and pasted as textual data in Zoom nor is the Zoom call recorded, does Zoom need to be considered as a processor?

  • EU GDPR questions

    1. If a company is based in non-European country wants to transfer European data to non-European country, what are GDPR requirements2. Does a company need to create binding corporate rules if it has only one branch 3. Is there any available approved binding corporate rules approved by authorities to be followed 4. Who should create the data transfer impact assessment the controller or the processor 5. Is there any available Transfer impact assessment template for processor 6. Where can I find the updated version of the controller-processor  SCCs.

  • Data protection

    For our small supermarket we would like to put out pre-order slips for the holidays. The name, phone number and email address of the customer are recorded on the slip and are only used to process the order. What do we have to write on the slip regarding data protection? Thank you very much in advance and best regards

  • Erasure request refusal

    Hello, I have contacted a company that manages a messaging app I used in the past to request information about exercising my right to erasure (Article 17(1) GDPR), since they say they're GDPR compliant. In particular, my question to them was about having my messages/posts (private and public) deleted when they close my account. They say they would refuse to delete these messages, since they argue that would interfere with other users' right to free expression and information (Article 17(3)(a)), as there would be gaps in the conversations potentially leading to misinterpretations or the lack of important context. My questions to you are: 1. are the messages and posts I sent through the app considered personal data under GDPR to the extent that the app would have to delete them under request? 2. is the exception in Article 17(3)(a) a valid ground for refusing this request in this case? Thank you very much for your attention.

  • GDPR and drones

    Hi! I am interested on the rules regulating GDPR and drones usage. I am a researcher working with European projects. Are there any documentrs uoy could suggest? Thank you very much.

  • Transfer impact assessment

    Appreciate your support to answer below questions related to transfer impact assessment 1. Who should create the data transfer impact assessment the controller or the processor 2. Is there any available Transfer impact assessment template for the processor 3. Where can I find the updated version of the controller-processor SCCs

  • Binding Corporate rules

    Appreciate your support to answer below questions 1. If a company is based in non-European country wants to transfer European data to non-European country, what are GDPR requirements 2. Does a company need to create binding corporate rules if it has only one branch 3. Is there any available approved binding corporate rules approved by authorities to be followed

  • Cold Email

    Hello, is it GDPR compliant to send someone a cold email despite not having their consent to email them, if it is for a legitimate reason?

  • Appointing a representative

    I am the sole proprietor of a US company (data controller) providing freelance translation services to customers in a few EU States. I was informed by a GDPR representative company that I needn't appoint a representative. However, as I understand it, if there is a breach involving the data of a data subject located in the EU, I must contact the supervisory authority. Must I contact the authority only in the state where the breach occured, or do I have to contact every member state in which I operate?
Page 8 of 97 pages