Search results

Tinder Account Banned - removing my data

The legal basis for processing personal data is to fulfill a contract obligation, that is provide you access to the platform of Tinder. Tinder can store your personal data (Apple ID in order to verify the user) as long as they provide you the service and even after the termination of the contract if there is any reason (legal action, bookkeeping requirements, tax laws provisions) that requires Tinder to store such information.

Under Article 15 GDPR, you have the right to ask Tinder to let you know exactly what kind of data they process, what is the legal basis of data processing, and how long the data will be stored, according to the minimization principle, to delete any personal data that is not necessary to be processed anymore (i.e. if you did not make any purchase, there might be no reason to store the credit cards details and demand them to delete it) as stated in Article 17 par. 1 a) GDPR.

Tinder might reject your request by claiming to have the right to store your personal data, if you believe that your rights are compressed you can lodge a complaint to the Supervisory Authority of your home country.

Here you can find more information on data subjects rights and the right to be forgotten:

• Data subject rights according to GDPR https://advisera.com/eugdpracademy/knowledgebase/8-data-subject-rights-according-to-gdpr//
• Right to be forgotten in the era when everyone seems willing to be remembered https://advisera.com/eugdpracademy/blog/2019/08/26/gdpr-right-to-be-forgotten-an-easy-explanation/ 

To understand which are the data subjects rights and how to protect them under GDPR you can consider enrolling in our free online training EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course//

Post-market surveillance

Concerning ISO 9001:2015:

• Clause 8.2.1 c) – states that communication with customers should include getting customer feedback, including customer complaints
• Clause 8.5.5 – states a set of activities that should be considered after delivering a product or service like any guaranty, any repair, any complaint, any feedback
• Clause 9.1.2 – states monitoring customer satisfaction 

You can find more information below:

• Handling customer satisfaction with code of conduct and complaints procedure - https://advisera.com/9001academy/blog/2014/07/15/handling-customer-satisfaction-code-conduct-complaints-procedure/
• How the ISO 9001:2015 standard can help improve relationships with your customers - https://advisera.com/9001academy/blog/2016/02/23/how-the-iso-90012015-standard-can-help-improve-relationships-with-your-customers/
• Main elements of handling customer satisfaction in ISO 9001 - https://advisera.com/9001academy/blog/2014/07/01/main-elements-handling-customer-satisfaction-iso-9001/
• Free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• • Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ 
   

GMP accreditation

There is no mandatory requirement that cosmetic companies need to be certified according to the ISO 9001. ISO 22716:2007 does not require a quality management system in total. Understanding global cosmetics product safety is an essential factor in implementing ISO 22716.

In ISO 22716, there is no need for the Quality manual, Management review. It requires an internal audit, a system for deviation (corrective actions, non-conforming products, out of specification product). Of course, all procedures covering the production process, traceability, hygiene rules, and GMP requirements are necessary. 

The combination of ISO 9001 and ISO 22716 connects cosmetic product safety with overall business improvement tools.

Here you can see some information regarding ISO 9001:

• Free Gap Analysis Tool https://advisera.com/9001academy/iso-9001-gap-analysis-tool/
• Should you use a gap analysis in your ISO 9001 implementation? https://advisera.com/9001academy/17/use-gap-analysis-iso-9001-implementation/
• Checklist of ISO 9001 implementation & certification steps https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
• ISO 9001 Implementation diagram https://info.advisera.com/9001academy/free-download/iso-9001-implementation-diagram

• ISO 27017 training presentation

  For an ISO 27017 you can use this material:

  • Why ISO 27001 – Awareness presentation (MS PowerPoint) https://info.advisera.com/27001academy/free-download/why-iso-27001-awareness-presentation - this presentation template will give you the bases for the presentation
     ISO 27001 vs. ISO 27017 – Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/ - this article will provide you specific information about ISO 27017 to include in the presentation

  For further information, see:

  • How to perform training & awareness for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/05/19/how-to-perform-training-awareness-for-iso-27001-and-iso-22301/

  This material can also help you:

  • Free Security Awareness Training: https://advisera.com/training/awareness-session/security-awareness-training/ - this is a series of 25 videos that cover various topics related to security.

• Can ISO 27001:2013 be certified against multiple legal entities?

  It is possible to have a single certification for multiple companies, provided that the ISMS scope covers elements of all companies (e.g., processes, information, and/or locations). Of course, all entities will have to go through all certification process together.

  Adopting a single certificate for all entities or separate ones for each entity is a business decision, depending on their objectives and strategies, but in general, organizations adopt the model of one certification for each entity, because a change in an entity does not impact the certification of other entities.

  These articles will provide you a further explanation about scope definition:

  • How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
  • Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/

  This article will provide an additional explanation about single certification for multiples entities (although it is about ISO 9001, the same concept applies to ISO 27001):

  • Certifying different legal entities under one certification scope in ISO 9001 https://advisera.com/9001academy/blog/2018/03/27/certifying-different-legal-entities-under-one-certification-scope-in-iso-9001/ 

  These articles will provide you a further explanation about implementing ISO 27001:

  • What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
  • ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
  • How long does it take to implement ISO 27001 / BS 25999? https://advisera.com/27001academy/blog/2011/11/08/how-long-does-it-take-to-implement-iso-27001-bs-25999/ - this is the timing that is needed for companies that use our toolkits

  These materials will also help you regarding ISO 27001 implementation:

  • Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
  • ISO 27001 Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/

  To see how documents used to implement ISO 27001 looks like, please take a look at the free demo templates of our ISO 27001 Implementation Toolkit in this link: https://advisera.com/27001academy/iso-27001-documentation-toolkit/

• ISO 14001 Risk assessment example

  Let us consider three sources of risk. Risk derived from processes, risk derived from products, and risk derived from the context and interested parties.

  

  There is the risk that the operation of a wastewater treatment plan fails and due to that malfunction, the treated wastewater may have pollutants above legal limits.

  

  There is the risk that product disposal at the end of life may not be done by the consumer according to legal practices.

  

  General public, society, is pressuring politicians to restrict the extraction of a raw material used by an organization. If that pressure succeeds the organization may find progressive difficulty in accessing that same relevant raw material.

  Please check this information below with more detailed answers:

  • ISO 14001 risks and opportunities vs. environmental aspects - https://advisera.com/14001academy/blog/2016/03/21/how-does-product-life-cycle-influence-environmental-aspects-according-to-iso-140012015/
  • ISO 14001 document template: Procedure for Identification and Evaluation of Environmental Aspects and Risks - https://advisera.com/14001academy/documentation/procedure-for-identification-and-evaluation-of-environmental-aspects/
  • Enroll for free in this course – ISO 14001:2015 Lead Auditor Course - https://advisera.com/training/iso-14001-lead-auditor-course/
  • Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/

   

• ISO 9001 DI controls visibility

  No, you do not need to add DI controls visibly.

  What is the purpose of a version or date?

  Ensure that users know which version they are using and be able to verify that it is the latest version. How can users be sure that they are using the last version of the complaints policy? As long as they are using the digital version that is ensured. Some organizations use a message saying that a printed version is a noncontrollable copy and users should be aware of that risk.

  You can find more information about documentation below:

  • Some tips to make Document Control more useful for your QMS - https://advisera.com/9001academy/blog/2014/05/20/tips-make-document-control-useful-qms/
  • Free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
  • Book - Managing ISO Documentation: A Plain English Guide - https://advisera.com/books/managing-iso-documentation-plain-english-guide/
     

• ISO 9001 questions

  "First question-What questions should be asked in accordance with iso 9001-2015 for internal audit examination at the teaching and student affairs department within the university?"

  Answer:

  Auditors carry out audits not because they want or like, but because they have customers, internal or external, who need an audit to be carried out. These clients, when awarding an audit, communicate three things to the auditor: the objectives of the audit; the scope of the audit and the audit criteria. The questions to be asked during an audit are based on the purpose of the audit and, above all, on the audit criteria. For example, ISO 9001: 2015 requires an organization to assess its customers' perception of their satisfaction. A set of questions can be asked around this topic: how to measure, how to analyze, and if it was done, and what were the conclusions, and what were the decisions, and what evidence can be presented.

  Second question- There will be risks in teaching, practice and student affairs at the university.Please share to learn more.

  Answer:

  Think about what can go wrong. For example, a teacher becomes ill and needs to be replaced with the least amount of damage to student learning. For example, some newspaper articles convey a positive image of the school, which makes the enrollment of new students drop sharply.

  Third question-What topics and topic to study if implementing the quality assurance path under iso 9001-2015 at the university? "

  Answer:

  Two important topics are around clause 4.2 and 4.4.

  About clause 4.2 - Who are the interested parties of the university? What do they need and expect from the university? For example, there are universities known to be easy to pass, there are universities known to excel at a certain topic. That depends on the target interested parties.

  About clause 4.4 – Study the process approach and draw a model of how the university works. ISO 9001:2015 promotes the process approach, but many people don’t get it.

  You can find more information below:

  • About context and interested parties you can see this free webinar on demand - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - - where I present examples of interested parties and their requirements and expectations.
  • How to determine interested parties and their requirements according to ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/11/10/how-to-determine-interested-parties-and-their-requirements-according-to-iso-90012015/
  • Please check this free webinar on demand - The Process Approach - What it is, why it is important, and how to do it - https://advisera.com/9001academy/webinar/iso-9001-process-approach-free-webinar-on-demand/ - where I explain how to develop process mapping, drawing a model of how an organization works, based on the process-approach, and how to draw a flowchart describing each process.
  • Webinar - Free webinar on demand - How to perform an ISO 9001:2015 internal audit - https://advisera.com/9001academy/webinar/how-to-perform-an-iso-9001-2015-internal-audit-free-webinar-on-demand/
  • Free online training ISO 9001:2015 Internal Auditor Course: https://advisera.com/training/iso-9001-internal-auditor-course/
  • Book - ISO internal audit: A plain English guide: https://advisera.com/books/iso-internal-audit-plain-english-guide/
  • Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

• ISO 14001 objectives for consultants

  Before setting objectives, organizations have to define an environmental policy. A good environmental policy considers the scale and environmental impacts of its activities, products, and services. So, the relevant environmental objectives of an organization must be based on significant environmental impacts.

  Once I implemented an environmental management system at a consulting company, for that particular organization their biggest environmental impact was related to consultants' travel to projects with clients.

  You can find more information below:

  • How to Use Good Environmental Objectives - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/how-to-use-good-environmental-objectives/
  • Examples of ISO 14001 objectives based on the different company sizes - https://advisera.com/14001academy/blog/2019/10/22/iso-14001-objectives-examples-for-different-company-sizes/
  • Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
  • Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/

• Importance of the security issues

  Please note that there is no single answer to this question because you have different publics with different interests:

  • Top management needs to make decisions over issues that many times are not so clear for them, and they do not need deep knowledge about technicalities of security issues (they will be more concerned about how it impacts the business). In these cases, evangelization is a good approach
  • technical personnel with operational responsibilities for security needs deep knowledge over technologies, methodologies, and process, so education and training will get you better results
  • overall personnel needs a basic understanding of security, to properly identify, report, and react to risky situations. In these cases, awareness and basic instruction would be enough

  These articles will provide you a further explanation about awareness in the organization:

  • What are the benefits of security awareness training for organizations? https://advisera.com/27001academy/blog/2019/03/27/what-are-the-benefits-of-security-awareness-training-for-organizations/
  • 8 Security Practices to Use in Your Employee Training and Awareness Program https://advisera.com/27001academy/blog/2015/03/02/8-security-practices-to-use-in-your-employee-training-and-awareness-program/
  • How to perform training & awareness for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/05/19/how-to-perform-training-awareness-for-iso-27001-and-iso-22301/
  • Top management perspective of information security implementation https://advisera.com/27001academy/blog/2012/12/04/top-management-perspective-of-information-security-implementation/

  These materials will also help you regarding the awareness in the organization:

  • Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
  • ISO 27001 Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
  • Free Security Awareness Training: https://advisera.com/training/awareness-session/security-awareness-training/ - this is a series of 25 videos that cover various topics related to security.