LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

GDPR and company size

  Quote
Guest
Guest user Created:   Feb 27, 2019 Last commented:   Feb 27, 2019

GDPR and company size

Hi, we are a company of 5 people that deals with electronic design and software for third parties; the site does not collect any kind of information but only acts as a showcase. From what I understand we do not have any kind of obligation because the data we manage are those of customers / suppliers and the payroll envelopes are managed by an external company. Correct? Do we have to do some sort of document or have the letters of assignment signed by those who manage the paychecks and the accountant?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Feb 27, 2019

Answer:

This is not entirely true as the company is still the controller in regards to the personal data of its employees regardless of their number. The fact that you are using a third party supplier as a data processor requires you to have a Data Processing Agreement in place with the external company pursuant to Article 28 of the EU GDPR. If you want to find out more about the EU GDPR, check out this free EU GDPR Foundations Course (https://training.advisera.com/se/eu-gdpr-foundations-course//).
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 27, 2019

Feb 27, 2019

Suggested Topics

Guest user Created:   Feb 15, 2018 EU GDPR
Replies: 1
0 0

Data Transfer Agreement

Guest user Created:   Nov 30, 2017 EU GDPR
Replies: 1
0 0

SaaS providers and EU GDPR