EU GDPR - Expert Advice Community

Home / EU GDPR

Discussions

Top Contributors

Expert

Rhand Leal

4148
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 ISO 9001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Certification ISO 14001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Privacy notice

    If there is continuing info being collected such as from an employer, notice could only be given once upfront, correct?

  • EU GDPR toolkit documents

    Beside Privacy Notice do we have to make public available other documents related to GDPR?

  • Handling the privacy

    Employer (e.g., xxx) sends us contact information for every employee globally. Occasionally, a user requests to opt out of our system and prefers we forget them. However, information about them is still delivered everyday from the employer. What are the options for us to handle the privacy of the individual while handling the requests of our customer (the individual's employer)?

  • Medical data

    What about medical data provided to a doctor, where we provide an online platform for those doctors to organize their agendas with private data. Should the doctor ask the patient their consent for using our online agenda?

  • Minimum standard

    Is there a minimum standard for notice over phone sales activities?

  • DPO

    Are there fixed qualifications for a DPO, or can a small company nominate a member of staff to be a DPO? Should they be referred to as something else instead?

  • Inventory of processing activities

    Do you have generic lists with 1) the most used processing activities (i.e. for the processing inventory) and 2) general documents for the retention schedule? I had hoped these two documents in particular came pre-populated so that they would be easy to adapt by deleting non-relevant and adding company specific.

  • 3rd Party Integrator Question

    Frequently we connect our platform to another vendors system to share data through a web service or integration. We are not subcontracting this vendor. The Data Controller may select multiple vendors to work together to provide a total solution for managing all aspects of a conference or trade show.

  • Representative srvices

    Based on the Advisera GDPR Doc: 4.2 Personal Data Protection Policy - 8.2.3 Main Establishment for Non-EU Companies for Data Controllers and Processors: It looks like we are required to have a representative in the EU… is this a service Advisera offers? If so, can you relay the cost structure?

  • SAAS type services

    Since we do have a SAAS application we’re struggling with the scope. We’ve roughly 2 things to take care off:
Page 90 of 97 pages