Sign Up

What is 5 + 2?

Have an account? Sign In Now

Sign In

What is 5 + 2?

Forgot Password?

Don't have account, Sign Up Here

Forgot Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

What is 5 + 2?

Have an account? Sign In Now

Please type your username.

Please type your E-Mail.

Please choose an appropriate title for the question so it can be answered easily.
Please choose the appropriate section so the question can be searched easily.

Type the description thoroughly and in details.

What is 5 + 2?

Sign InSign Up

Watercooler by DPOrganizer

Watercooler by DPOrganizer Logo Watercooler by DPOrganizer Logo

Watercooler by DPOrganizer Navigation

Search
Ask A Question

Mobile menu

Close
Ask a Question
  • Home
  • Categories
    • GDPR
    • Privacy Management
    • Professional Development
    • Software tips and tricks
    • Polls
  • Help
  • About Watercooler

HellenB

Silver contributor
11Followers
2Questions
Home/ HellenB/Answers
  • About
  • Questions
  • Polls
  • Answers
  1. Asked: June 27, 2021In: GDPR

    Special Category Data and Age

    HellenB

    HellenB

    • 2 Questions
    • 83 Answers
    • 0 Best Answers
    • 79 Points
    View Profile
    HellenB Silver contributor
    Added an answer on June 28, 2021 at 10:30 am

    This is why data protection takes such thought! Age is a protected characteristic in English Law, i.e. there are specific protections to ensure there is no discrimination in employment, justice, social care etc. It isn't however classified as sensitive personal data for data protection purposes. TheRead more

    This is why data protection takes such thought!
    Age is a protected characteristic in English Law, i.e. there are specific protections to ensure there is no discrimination in employment, justice, social care etc.
    It isn’t however classified as sensitive personal data for data protection purposes.
    The governance pathway therefore is that there has to be purpose and legal basis for processing, with additional policy considerations that are the responsibility of other professionals within the organisation for its operational use.

    See less
    • 2
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  2. Asked: June 22, 2021In: GDPR

    Gender and Special Category Data

    HellenB

    HellenB

    • 2 Questions
    • 83 Answers
    • 0 Best Answers
    • 79 Points
    View Profile
    HellenB Silver contributor
    Replied to answer on June 25, 2021 at 7:46 pm
    This answer was edited.

    You are absolutely right in that it is very complex. Maybe a simpler way would be to think about the one defining factor for all sensitive data - that all of them 'could' result in prejudice/affect human rights. Defining yourself as a 'man' or a 'woman' will have a nominal affect (in theory!) but thRead more

    You are absolutely right in that it is very complex.
    Maybe a simpler way would be to think about the one defining factor for all sensitive data – that all of them ‘could’ result in prejudice/affect human rights.
    Defining yourself as a ‘man’ or a ‘woman’ will have a nominal affect (in theory!) but there are those who think that defining yourself as ‘non-binary’ is an affectation and will attach other labels to you including suppositions about your sexuality, sex life etc.

    See less
    • 1
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  3. Asked: June 23, 2021In: GDPR, Privacy Management

    UK based call centre recording calls of international callers – consent required or not

    HellenB

    HellenB

    • 2 Questions
    • 83 Answers
    • 0 Best Answers
    • 79 Points
    View Profile
    HellenB Silver contributor
    Replied to answer on June 25, 2021 at 7:32 pm

    In which case you either need to change your system or you need to stop recording - neither is going to be easy or cheap. Or you run systems in parallel, one that records and one that doesn't. Still not easy. Sorry!

    In which case you either need to change your system or you need to stop recording – neither is going to be easy or cheap.
    Or you run systems in parallel, one that records and one that doesn’t. Still not easy.
    Sorry!

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  4. Asked: June 14, 2021In: GDPR

    Does a EU website need a cookie consent popup?

    HellenB

    HellenB

    • 2 Questions
    • 83 Answers
    • 0 Best Answers
    • 79 Points
    View Profile
    HellenB Silver contributor
    Added an answer on June 23, 2021 at 10:52 am

    Yes - plus any website which offers, or appears to offer, goods and services to EU residents also has to have one. So unless you make it explicitly clear that you can't/don't do this, you have to have cookie consent management.

    Yes – plus any website which offers, or appears to offer, goods and services to EU residents also has to have one.
    So unless you make it explicitly clear that you can’t/don’t do this, you have to have cookie consent management.

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  5. Asked: June 17, 2021In: GDPR

    Indirect suppliers

    HellenB

    HellenB

    • 2 Questions
    • 83 Answers
    • 0 Best Answers
    • 79 Points
    View Profile
    HellenB Silver contributor
    Added an answer on June 23, 2021 at 10:49 am

    I would agree with Dominga. The company's duty in recommending the product is to do the appropriate due diligence to ensure that it conforms with the company's general privacy policy. It shouldn't be sharing employee data with any third party without consent in this instance

    I would agree with Dominga.
    The company’s duty in recommending the product is to do the appropriate due diligence to ensure that it conforms with the company’s general privacy policy. It shouldn’t be sharing employee data with any third party without consent in this instance

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  6. Asked: June 22, 2021In: GDPR

    Gender and Special Category Data

    HellenB

    HellenB

    • 2 Questions
    • 83 Answers
    • 0 Best Answers
    • 79 Points
    View Profile
    HellenB Silver contributor
    Replied to answer on June 23, 2021 at 10:46 am

    Hi Dominga I would define it as such because it isn't a biologically assigned gender (unless an individual is intersex or has a medical condition), it is a self-determined gender assignment and therefore individuals who define themselves in this way deserve additional safeguards because they may beRead more

    Hi Dominga
    I would define it as such because it isn’t a biologically assigned gender (unless an individual is intersex or has a medical condition), it is a self-determined gender assignment and therefore individuals who define themselves in this way deserve additional safeguards because they may be subject to prejudice as a result of their declaration.
    Does this make sense?

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  7. Asked: June 23, 2021In: GDPR, Privacy Management

    UK based call centre recording calls of international callers – consent required or not

    HellenB

    HellenB

    • 2 Questions
    • 83 Answers
    • 0 Best Answers
    • 79 Points
    View Profile
    HellenB Silver contributor
    Added an answer on June 23, 2021 at 10:43 am

    You are a UK domiciled company, you have to treat all data the same, i.e. if it was UK resident data. Consent isn't the only legal basis for recording calls, and it would only work if the system can actually stop the recording of individual calls on request and can identify that the call is from a cRead more

    You are a UK domiciled company, you have to treat all data the same, i.e. if it was UK resident data.
    Consent isn’t the only legal basis for recording calls, and it would only work if the system can actually stop the recording of individual calls on request and can identify that the call is from a country that requires consent. Remember that an automated system might decide that a call from Germany requires consent but it is actually a caller from the UK on holiday in Germany so it wouldn’t.
    For instance: saying ‘we record calls for training and monitoring purposes’ when you do nothing with them and using legitimate interest as your legal basis doesn’t stand up.
    So before going down the rabbit hole of trying to discover which countries have different rules, I would investigate whether you have a system capable of dealing with the outcome of your investigations and whether indeed you have a real purpose for recording calls in the first place.

    See less
    • 1
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  8. Asked: June 14, 2021In: GDPR

    Writer’s HQ Privacy policy

    HellenB

    HellenB

    • 2 Questions
    • 83 Answers
    • 0 Best Answers
    • 79 Points
    View Profile
    HellenB Silver contributor
    Added an answer on June 22, 2021 at 4:59 pm

    I use this all the time as an example of how your Privacy Notice should reflect your organisation's values. It might not have every single element it should have, but it has been done with a lot more thought that some of the legal sounding ones I have to correct.

    I use this all the time as an example of how your Privacy Notice should reflect your organisation’s values.
    It might not have every single element it should have, but it has been done with a lot more thought that some of the legal sounding ones I have to correct.

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  9. Asked: June 22, 2021In: GDPR

    Gender and Special Category Data

    HellenB

    HellenB

    • 2 Questions
    • 83 Answers
    • 0 Best Answers
    • 79 Points
    View Profile
    HellenB Silver contributor
    Added an answer on June 22, 2021 at 4:58 pm

    As Dominga says, it is very dependent on how you phrase the question and also that you need to have a clear reason for asking it. For instance, knowing the gender identity might enable you to create initiatives to increase inclusivity. But if you don't have a clear reason for processing this data thRead more

    As Dominga says, it is very dependent on how you phrase the question and also that you need to have a clear reason for asking it.
    For instance, knowing the gender identity might enable you to create initiatives to increase inclusivity. But if you don’t have a clear reason for processing this data then you shouldn’t be collecting it.
    Once you add in an option such as non-binary then you are into special category data territory and that is explicit consent under Art 9

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  10. Asked: May 24, 2021In: GDPR, Privacy Management

    FADP

    HellenB

    HellenB

    • 2 Questions
    • 83 Answers
    • 0 Best Answers
    • 79 Points
    View Profile
    HellenB Silver contributor
    Added an answer on May 25, 2021 at 8:52 am

    The best comparison I have seen can be found here: https://www.mll-news.com/wp-content/uploads/2020/12/Overview_Swiss_FADP_GDPR_English_Final_181220.pdf

    The best comparison I have seen can be found here:
    https://www.mll-news.com/wp-content/uploads/2020/12/Overview_Swiss_FADP_GDPR_English_Final_181220.pdf

    See less
    • 2
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
1 2 3 … 9

Sidebar

Ask A Question

Trending contributors

DP-Pro

DP-Pro

  • 14 Answers
Bronze contributor
Magnus T

Magnus T

  • 7 Answers
Rising star contributor
Dave_Wylie

Dave_Wylie

  • 24 Answers
Bronze contributor
JeremyClarkson

JeremyClarkson

  • 3 Answers
d9d9d9

d9d9d9

  • 9 Answers
Rising star contributor

Recent questions

  • Ange Seivewright

    I am curious - has anyone found dashboard type software ...

    • 0 Answers
  • Ange Seivewright

    It's that dreaded time! I need to put together some ...

    • 0 Answers
  • Anonymous

    PII v PI

    • 1 Answer
  • Anonymous

    Monthly Reporting to business leadership team

    • 0 Answers
  • Anonymous

    US marketing laws

    • 1 Answer

Explore

  • Home
  • Categories
    • GDPR
    • Privacy Management
    • Professional Development
    • Software tips and tricks
    • Polls
  • Help
  • About Watercooler

Footer

Your privacy

  • Cookie notice
  • Privacy notice

Terms and policy

  • Acceptable Use Policy
  • Terms of Use

© 2021 DPOrganizer. All Rights Reserved. With Love by DPOrganizer.