Expert Advice Community

Guest

Privacy Notice Webinar - EU GDPR Premium Kit questions

  Quote
Guest
Guest user Created:   Sep 15, 2022 Last commented:   Sep 18, 2022

Privacy Notice Webinar - EU GDPR Premium Kit questions

1. Tudor Galos mentioned using a four column table in a privacy notice. I didn’t get the column details quickly enough. Were they “category of data subject”, “personal data to be processed”, “purpose”, “legal basis”?

 2. TG also referred to the kit containing granular privacy notice. Did he just mean that you provide different ones for e.g. employees, supplier employees, web users etc?

 3. Our privacy notice should give the supervisory authority a data subject can complain to. We are based in the UK so obviously we give the ICO for UK residents. We process the personal data of EU residents, mainly from Germany, France and Spain. We have appointed an EU Representative with an address in Germany as that is where the majority of the data subjects are. Which EU supervisory authority should be put in the privacy notice?

4. When dealing with a corporate client or supplier, we may well be given the personal data – usually contact details – of other staff members. How do deal with notifying them that we have their details. Commercially, it would be a bit odd if every time we emailed them direct. I could see us upsetting clients!"

0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Tudor Galos Sep 18, 2022
1. Tudor Galos mentioned using a four column table in a privacy notice. I didn’t get the column details quickly enough. Were they “category of data subject”, “personal data to be processed”, “purpose”, “legal basis”?

This was a recommendation on customizing the Privacy Notice template in your Privacy Notices template. The columns I recommended for the association between personal data categories & purposes were “Personal Data Categories”, “Purpose of processing”, “Legal Basis”.

2. TG also referred to the kit containing granular privacy notice. Did he just mean that you provide different ones for e.g. employees, supplier employees, web users etc?

Yes, I was referring to the privacy notices you have in EU GDPR Premium Documentation Toolkit. In general, if you have a specific processing operation, different than the ones you had until now, you might choose to write a new privacy notice to inform the affected data subjects.

3. Our privacy notice should give the supervisory authority a data subject can complain to. We are based in the UK so obviously we give the ICO for UK residents. We process the personal data of EU residents, mainly from Germany, France and Spain. We have appointed an EU Representative with an address in Germany as that is where the majority of the data subjects are. Which EU supervisory authority should be put in the privacy notice?

For people in the EU you could provide the details of the EU Representative and of the relevant data protection authority in Germany, from the region your EU Representative is established.

4. When dealing with a corporate client or supplier, we may well be given the personal data – usually contact details – of other staff members. How do deal with notifying them that we have their details. Commercially, it would be a bit odd if every time we emailed them direct. I could see us upsetting clients!
If you are dealing with a corporate client or supplier, for the business relationship interactions – invoicing, emails with key updates, support, etc – you are both data controllers. If your client/supplier is giving you details of other staff members, they are responsible for the processing and they should make sure that they inform their staff about this processing (transfer of information to you).

Please also consult these resources:

Tudor Galos
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 15, 2022

Sep 18, 2022

Suggested Topics

Guest user Created:   Oct 04, 2022 EU GDPR
Replies: 0
0 0

Board/Forum registration

Guest user Created:   Oct 03, 2022 EU GDPR
Replies: 0
0 0

Data privacy

Guest user Created:   Oct 03, 2022 EU GDPR
Replies: 1
0 0

GDPR - which mailing is allowed?