SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

Data protection: IT service provider

  Quote
Guest
Guest user Created:   Mar 03, 2021 Last commented:   Mar 05, 2021

Data protection: IT service provider

I am currently doing my own business as a sole proprietorship with IT services. It is interesting for me to know when I need a declaration of consent / AV contract and what exactly has to be in it.
Specifically, it is about issuing invoices, but also storing customer data in an administrative interface, i.e. personal data, and I think that consent is required, necessary passwords for the customer (WiFi, user accounts) as well as license keys and Device specifications.

0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Alessandra Nisticò Mar 05, 2021

You need consent to process a special category of personal data (the so-called sensitive data) and when your data processing goes beyond the fulfillment of a contractual obligation. In your case, when making a contract with a client for your software, the client agrees to data processing for the purposes of the contract: receiving the software, issuing invoices, store the IP, Wi-fi password, location, etc. This set of data you are collecting must be contained in the privacy notice and have as a legal basis the performing of contractual obligation.

However, if you want to process your client’s data for marketing purposes you need to ask a specific consent on it because the client when downloading the software reasonably expected that personal data would be processed to fulfill the obligation.The consent must be specific and given freely so you need to ask your client something like “Do you agree to receive information, promotions, from us?” or “Do you want that your data are shared with our partners for promotional advertisement?” The Client must be aware of the reasons you are asking him consent.

Here you can find more information on the legal basis to process personal data according to the GDPR and what to consider about the GDPR privacy notice:

If you want to learn how personal data are processed under the EU GDPR you may consider enrolling in our free training EU GDPR Foundations course: https://training.advisera.com/se/eu-gdpr-foundations-course//

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 03, 2021

Mar 05, 2021

Suggested Topics

Guest user Created:   May 18, 2022 EU GDPR
Replies: 1
0 0

Data Subject Access Request

Guest user Created:   Apr 04, 2022 EU GDPR
Replies: 1
0 0

Data controllers

Guest user Created:   Mar 14, 2022 EU GDPR
Replies: 1
0 0

Data transfers to 3rd countries