LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

GDPR clarifications

  Quote
Guest
Guest user Created:   Dec 02, 2019 Last commented:   Dec 02, 2019

GDPR clarifications

I need some clarifications over the GDPR.

Is consent needed to transfer personal data to other countries outside EU?

Do I need to have a data processing agreement with data controllers?

When can legitimate interest be used as a legal basis?

Do I need to insert data protection specific clauses in work contracts?

Can I delete the data of a former emplyee if he makes a request?

How much time do I have do delete the data?

Thank you

0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Dec 02, 2019

Is consent needed to transfer personal data to other countries outside EU?

Not necessarily. Content is needed only as an exemption if the other safeguards in Chapter 5 of the GDPR. If you want to find out more about international data transfers check out this webinar : “How to make personal data transfers to other countries compliant with GDPR” (https://advisera.com/eugdpracademy/webinar/how-to-make-personal-data-transfers-compliant-with-gdpr-free-webinar-on-demand/).

Do I need to have a data processing agreement with data controllers?

Although not mandated by the EU GDPR it is a best practice to have a Controller to Controller Agreement in place. You can find such a template at : https://advisera.com/eugdpracademy/documentation/controller-to-controller-data-processing-agreement/

When can legitimate interest be used as a legal basis?

It can be used but you need to perform a Legitimate Interest Assessment to prove that your interest is not infringing upon the rights and freedoms of the data subjects.

Do I need to insert data protection specific clauses in work contracts?

The GDPR does not specifically require such clauses to be included in the labor agreements however you need to ensure that you have in place appropriate confidentiality clauses.

Can I delete the data of a former emplyee if he makes a request?

The right to be forgotten in not an absolute right especially when we are taking about labor law. As a company you have some legal obligations so you need to ensure that you are not breaking such obligations before deleting the unnecessary data.

How much time do I have do delete the data?

The GDPR allows for one month before you need to respond to a request. However, if the request is complex you can extent the period to a maximum of 3 months. You can find out more about data subject rights in our webinar : Data Subject Rights under the EU GDPR (https://advisera.com/eugdpracademy/webinar/data-subject-rights-under-the-eu-gdpr-free-webinar-on-demand/).

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Dec 02, 2019

Dec 02, 2019

Suggested Topics

Guest user Created:   Feb 07, 2020 EU GDPR
Replies: 1
0 0

Questions regarding GDPR

Guest user Created:   Nov 14, 2019 EU GDPR
Replies: 1
0 0

GDPR applicability