Expert Advice Community

Guest

GDPR Compliance

  Quote
Guest
Guest user Created:   Sep 30, 2019 Last commented:   Sep 30, 2019

GDPR Compliance

1. We have an internal collaboration application in our Organization (that each employee has his/her own Profile, Posts …etc.) that is connected to Active Directory that access some employees personal data. This application is accessing all our internal systems such as Travel System, Suppliers System, Compensation & Benefits, HR systems ..etc.
Based on this case, do you believe that we need to ask our employees to sign a consent for processing their personal data, taking into consideration that the employment contract includes a section for Confidentiality of Information that doesn’t include any sentence related to personal data processing only copyrights and confidentiality of project/company-related information disclosure.

2. Our Internal Systems (HR, are using cookies, Do we need to create/add a pop-up message with a link to our Cookies Policy in the pop-up box message?

3.  As mentioned above, we have Confidentiality of Information section stated in the employment contract, Is this section sufficient or do we need to ask our Employees to Sign NDA (non-disclosure agreement) that include a special section for GDPR Compliance requirements specifically.

0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Sep 30, 2019

1. We have an internal collaboration application in our Organization (that each employee has his/her own Profile, Posts …etc.) that is connected to Active Directory that access some employees personal data. This application is accessing all our internal systems such as Travel System, Suppliers System, Compensation & Benefits, HR systems ..etc.
Based on this case, do you believe that we need to ask our employees to sign a consent for processing their personal data, taking into consideration that the employment contract includes a section for Confidentiality of Information that doesn’t include any sentence related to personal data processing only copyrights and confidentiality of project/company-related information disclosure.

I would not recommend using consent when processing personal data of employees as most likely the consent will not be considered freely given due to the imbalance between the position of the employee and the employer. I suggest using legitimate interest as a lawful ground for processing if appropriate.

2. Our Internal Systems (HR, are using cookies, Do we need to create/add a pop-up message with a link to our Cookies Policy in the pop-up box message?

For the cookies that are not strictly necessary for the functioning of the website, I strongly recommend obtaining consent, especially for tracking and advertising cookies.

3.  As mentioned above, we have Confidentiality of Information section stated in the employment contract, Is this section sufficient or do we need to ask our Employees to Sign NDA (non-disclosure agreement) that include a special section for GDPR Compliance requirements specifically.

Including confidentiality clauses that include a reference to personal data is the same as signing NDAs.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 30, 2019

Sep 30, 2019

Suggested Topics

Guest user Created:   Jun 24, 2021 EU GDPR
Replies: 1
0 0

GDPR Compliance questions

Guest user Created:   Feb 17, 2021 EU GDPR
Replies: 1
0 0

Mobile app GDPR compliance

Guest user Created:   Sep 21, 2020 EU GDPR
Replies: 1
0 0

EU GDPR compliance