Hi all, keen to hear some other thoughts. I work for a large Charity and they support University students. They post content on IG and want to know if they can message students to engage with them, if the student ...
Discy Latest Questions
Hi all, Can one person be a DPO for a company based in the EU and the UK? I am the DPO for the EU entity however there is no counterpart in the UK side of the business and I ...
HR staff are required to undertake three yearly risk assessments in respect of existing staff that have previously needed a DBS check. The DBS Govt Guidance is specific as to what data is kept for a DBS check. The ...
What role (controller or processor) would you allocate to a vendor who the only personal data processed by them as part of the service provided to client is client’s employees data to login to their service and use it for ...
I have a letter from a doctor confirming that if we release records, it will be detrimental to the data subject’s mental health. Does anyone have example of wording used to convey this to the data subject?
Some time ago, the ICO issued an action (might have been a penalty, but could be an enforcement) in which they disregarded a data processing agreement and deemed that an organisation was acting as a controller, despite the fact the ...
Is there a difference between the EU GDPR and UK GDPR? Does EU GDPR somehow apply now in the UK?