SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Use promo code:
SPRING30

EU GDPR - Expert Advice Community

Home / EU GDPR

Discussions

Top Contributors

Expert

Rhand Leal

4147
Discussions
Expert

Carlos Pereira da Cruz

1916
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 ISO 9001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Certification ISO 14001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Databases compliant with the GDPR

    As a non-profit organisation, we don't sell products, but send emails to promote our activities. We use 2 types of databases:

  • Categories of Personal Data

    In the Inventory of Processing Activities Document, there is a column labelled „Categories of Personal Data“. The question is: What do we place in that column? Is it all the data included in this processing activity, which can be a lot of information, or is it only the data that directly identifies the „Data Subject“?

  • Contract with processors

    I have a question regarding GDPR relating to processor in the US. They refuse to take on liability for material breach of GDPR rules from their end .Is that not what ought to be common standard here?

  • Third Party and cross border transfer data

    1. What the difference between data Recipient and Third Party?

  • Personal data protection policy

    1. What is the main difference between the Personal data protection policy and the Employee Personal data protection policy? Do I need both of them?

  • Marketing activities

    I have a hypothetical scenario…

  • Data Processor Addendum

    I have a question on whether we would require to sign a Data Processor Addendum that Customers are requesting. We supply Reporting Software, we are not a cloud based solution and request a users name/email address when they register to use the application for the first time. We also provide a Support Portal (online) that requests a separate name/email address for access. One other element is that our products can send back product usage information identified by the person using the product (this is optional by the user).

  • Records of consent

    How can someone, who is doing email marketing and that has a good database but has no record of consent - just record of all subscriptions, go seek permission? Are we going to use consent or legitimate interest?”

  • Data Subject Consent Form

    In your documentation toolkit, it's stated "Data Subject Consent Form" is mandatory, I don't understand why should I develop such a form/document for my company that seems will never use it as long as we keep the same purposes of processing personal data. Am I correct?”

  • Scope of the IT Security Policy (Doc 8.1)

    What is the scope of the IT Security Policy (Doc 8.1) included in the EU GDPR Documentation Toolkit?
Page 82 of 97 pages