As a German company may we create the documents in English only?
IT organization
A small IT organization manages another company's IT infrastructure. Though they do not actually "view or access" the records of the controller's data, they do move files and perform everyday automated functions (backups, for example) and also perform manual restores or changes to file permissions, for example. They are therefore a Processor, but should each activity be logged / recorded?
Creation of the GDPR privacy notice
I am hoping you can clear up a couple of questions regarding the creation of our GDPR privacy notice using your template.
Databases compliant with the GDPR
As a non-profit organisation, we don't sell products, but send emails to promote our activities. We use 2 types of databases:
Categories of Personal Data
In the Inventory of Processing Activities Document, there is a column labelled „Categories of Personal Data“. The question is: What do we place in that column? Is it all the data included in this processing activity, which can be a lot of information, or is it only the data that directly identifies the „Data Subject“?
Contract with processors
I have a question regarding GDPR relating to a processor in the US. They refuse to take on liability for material breach of GDPR rules from their end. Is that not what ought to be common standard here?
Third Party and cross border transfer data
1. What is the difference between data Recipient and Third Party?
Personal data protection policy
1. What is the main difference between the Personal data protection policy and the Employee Personal data protection policy? Do I need both of them?
Marketing activities
I have a hypothetical scenario…
Data Processor Addendum
I have a question on whether we would be required to sign a Data Processor Addendum that Customers are requesting. We supply Reporting Software, we are not a cloud-based solution and request a user's name/email address when they register to use the application for the first time. We also provide a Support Portal (online) that requests a separate name/email address for access. One other element is that our products can send back product usage information identified by the person using the product (this is optional by the user).