Hi all, keen to hear some other thoughts. I work for a large Charity and they support University students. They post content on IG and want to know if they can message students to engage with them, if the student ...
Discy Latest Questions
Hi all, Can one person be a DPO for a company based in the EU and the UK? I am the DPO for the EU entity however there is no counterpart in the UK side of the business and I ...
HR staff are required to undertake three yearly risk assessments in respect of existing staff that have previously needed a DBS check. The DBS Govt Guidance is specific as to what data is kept for a DBS check. The ...
What role (controller or processor) would you allocate to a vendor who the only personal data processed by them as part of the service provided to client is client’s employees data to login to their service and use it for ...
I have a letter from a doctor confirming that if we release records, it will be detrimental to the data subject’s mental health. Does anyone have example of wording used to convey this to the data subject?
Does anyone add risk scores to individual processing activities within their ROPA? If so, does anyone have a matrix or guidance to help risk assess controls etc to help assign a risk score that they would be willing to share ...
This is the detail : https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/ And is anyone attending this event by Tim Turner on it on 03.03.2022 at 14:00 GMT : ? The Great Escape: International Data Transfers from the UK (2 hrs)