Expert Advice Community

Guest

Website and data storage

  Quote
Guest
Guest user Created:   Jul 29, 2019 Last commented:   Jul 29, 2019

Website and data storage

1. I want to build a website for my business and have a section to collect messages for the clients interested in buying or renting a property. Are there any specific requirements?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Jul 29, 2019

Answer:

Yes there are. You would need at least the following three documents Website Terms and Conditions, Website Privacy Notice and Cookie Policy. You can find readily available templates for these three documents in EU GDPR Mini Toolkit for Websites (https://advisera.com/eugdpracademy/pricing/).

2. How much time I need to keep the collected contact data?

Answer:

The EU GDPR does not specify a certain timeframe but you need to keep in mind that the data cannot be processed for more time that is needed to fulfil the purpose for which it is collected in the first place. In your case you may keep the data for as long as it is needed to provide the services to the client and maybe add some more time such as a statute of limitation period. If you want to find out more about retention periods check out this EU GDPR Foundations Course (https://training.adv isera.com/course/eu-gdpr-foundations-course/)

3. Do I need to register to the data protection authority?

Answer:

This depends on the jurisdiction where you are operating. Some Supervisory Authority like the ICO in the UK still require registration while others such as the one in Romania do not require registration. I suggest you check your local supervisory authority website for this information. You can find a list of the Supervisory Authorities in the EU at https://edpb.europa.eu/about-edpb/about-edpb/members_en

4. Can I use a different company for storing the data ?

Answer:

You certainly can. The company you will use for storage services will be acting as you processor if you will be using it to store personal data. When using a processor you need to be compliant with the provisions of art. 28 of the GDPR. If you want to find out more about processors and controllers check out this article EU GDPR controller vs. processor – What are the differences? (https://advisera.com/eugdpracademy/knowledgebase/eu-gdpr-controller-vs-processor-what-are-the-differences/)
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 29, 2019

Jul 29, 2019

Suggested Topics

Guest user Created:   Nov 25, 2019 EU GDPR
Replies: 0
0 0

Information on EU GDPR

Guest user Created:   May 16, 2018 EU GDPR
Replies: 1
0 0

GDPR and private site

Guest user Created:   Jan 29, 2021 EU GDPR
Replies: 1
0 0

GDPR Data Retention