Assign topic to the user
1. Does this mean we have to establish a lead supervisory authority fort his activity?
2. If the client from another country manipulates his own data on our server does this constitute a cross border activity?
Answers:
1. First of all when describing your activity you seem to be a processor as regards to the data of your client, so is them (your clients) not you that could identify the lead supervisory authority. Identifying the lead supervisory authority is not mandatory under the GDPR.
2. Cross border data transfer means (under the GDPR) when an Exporter located in a EEA country transfers data to a Importer w hich is located outside the EEA. In your case since you are located in the EEA when you receive data there is cross border data transfer.
Comment as guest or Sign in
Sep 14, 2018