I was wondering if you know of a website that compares the different GDPR articles / recitals / derogations for different countries like UK, Guernsey, Jersey against the EU GDPR itself?
EU GDPR procedures
Kindly advise from where I can trace procedures or forms relating to Information & Access to Personal Data as outlined in Article 13 & 14 of the GDPR; Rectification Procedure; Data Minimization Procedure; Erasure Procedure as authorized from the data subject; Disposal of personal data procedure after retention period; Special categories of personal data procedure; Records Management Policy; Restriction of Processing procedure; Profiling procedure; Right to object procedure; Reference letters procedure; Direct Marketing procedure regarding Opt In.
Supplier Data Processing Agreement
I went through the toolkit and I cannot seem to find clauses which I should insert in contracts such as contracts of service, contracts for the purchase of a service or good, contract between us as a controller and respective processors etc. Could you please guide me?
Does GDPR require the use of encryption for protecting/securing personal data? Aside from encryption, pseudonymization, and anonymization, are there other “acceptable” mechanisms for securing the data that’s GDPR-compliant?
We know that best practice is to not have production data in non-production/development environments. However, does GDPR require that production data not be stored in non-prod/dev environments? Or, as long as the non-prod/dev environment is properly secured, then it’s acceptable?
GDPR and possible software changes
I’ve seen that the documents are providing guidelines and formats for the full documentation regarding the AVG. However, can you explain to me how this reflects on possible software changes (we are a software developer)? We also need to find out what we need to change / provide and why before we actually make changes to the application.
EU GDPR documentation
Is your documentation compliant with Dlgs 196/2003? Part of that Dlgs will be used after 25 May 2018?
Our company wants to hire an external DPO and asked me to be the internal DPO for 2018. My question is, what are my tasks and is this normally how it goes? What can I expect from the external DPO and what will be expected from me? Which questions do I need to ask the external DPO?
Publishing personal data
We are in the US and have a facility in the EU. We posted employee birthdays on a monitor in our lobby. Will we be able to do this under GDPR? I assume we will need to get specific consent for this?