EU GDPR - Expert Advice Community

Home / EU GDPR

Discussions

Top Contributors

Expert

Rhand Leal

4140
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

366
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 ISO 9001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Certification ISO 14001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Standard Contractual Clauses

    I have a question about what detail to include in the Appendix 2 in the Standard Contractual Clauses. How much detail is required when providing a “Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached)?

  • Data processor

    We are a data processor under the GDPR. Can you please advise how relevant your GDPR templates are for us as they appear to designed for Data Controllers?

  • Privacy Notices

    1. We are screen grabbing comments and sending to clients from Facebook, that includes names/comments of other Facebook users. We use these in our reports and send to clients. Are we able to still do this?

  • Standard list of types of personal data

    We were wondering if there was a standard list of types of personal data, we have a list from a customer that defines 9 types including “Financial Data” and “Employment Details” etc.? Also is there a standard list of Categories of Data Subject, again we have a list of 9 from a customer including “Agents and Contractors” and “Suppliers” etc?

  • Process for changing purpose

    Where a new, and formerly not envisaged purpose for using previously collected data defined, and where the original purpose was covered by a "blanket" legal ground, such as “legitimate interest" and so is the new purpose, is it still required to acquire consent from the data subjects. (as suggested in the template Privacy Policy). Or would an update to the Privacy notice for the particular processing activity be sufficient?

  • Data processors

    Is there a version of the GDPR document package, or additional documents that are intended for data processors? I purchased the original EU_GDPR_Documentation_Toolkit, but I really only see documents for data controllers.

  • Company data

    We have already resolved the question about customers in B2B environment, but why doesn't appear in the scope the "customers employees" category..? What the difference between “customers" and “suppliers" from this point of view of their employees..?

  • DPIA

    1. How to conduct PIA or DPIA?

  • EU GDPR document

    In document 6.2 the title reads "Standard contractual clauses for the transfer of personal data from the Community to third countries (controller to controller transfers)- “the community” would appear to need to be changed to “Company”. Please can you confirm.

  • EU GDPR questions

    1. My question is what documentation do we require and what are our responsibilities for both managed and unmanaged services.
Page 86 of 97 pages