Sign Up

What is 8 + 4?

Have an account? Sign In Now

Sign In

What is 8 + 4?

Forgot Password?

Don't have account, Sign Up Here

Forgot Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

What is 8 + 4?

Have an account? Sign In Now

Please type your username.

Please type your E-Mail.

Please choose an appropriate title for the question so it can be answered easily.
Please choose the appropriate section so the question can be searched easily.

Type the description thoroughly and in details.

What is 8 + 4?

Sign InSign Up

Watercooler by DPOrganizer

Watercooler by DPOrganizer Logo Watercooler by DPOrganizer Logo

Watercooler by DPOrganizer Navigation

Search
Ask A Question

Mobile menu

Close
Ask a Question
  • Home
  • Categories
    • GDPR
    • Privacy Management
    • Professional Development
    • Software tips and tricks
    • Polls
  • Help
  • About Watercooler
Home/ Questions/Q 8275
Next
In Process
Anonymous
  • 0
Asked: October 17, 20212021-10-17T22:53:12+01:00 2021-10-17T22:53:12+01:00In: GDPR

Generating leads with a marketing company….

  • 0

I’m currently engaged in a ‘stand off’ with a marketing company. We are using them to generate ‘marketing qualified leads’ that we follow up. We are not sharing any data with the marketing company ie not providing any names etc. How the marketing company ‘generate’ these leads is unknown to us.

I’m repeatedly being asked to sign a joint controller agreement however fail to see how we are joint controllers. I do not want to accept any liability if the data has been collected in a manner inconsistent with GDPR and as a joint controller I’m worried this may be the case.

  • 2 2 Answers
  • 0 Followers
  • 0
Answer
Share
  • Facebook

    2 Answers

    • Voted
    • Oldest
    • Recent
    1. BlueBottle

      BlueBottle

      • 0 Questions
      • 26 Answers
      • 0 Best Answers
      • 27 Points
      View Profile
      BlueBottle Bronze contributor
      2021-10-20T11:39:09+01:00Added an answer on October 20, 2021 at 11:39 am

      OP – I would argue you are in fact engaged in a controller-to-controller transfer, as you are not determining the purposes and means of processing prior to the leads being given to you.

      The marketing co are sharing data with you, but from that point, is it yours to do as you please with? As in, once you get a lead you’re paying a fee for it, and it’s up to you to convert that into a sale? If so, there’s a clear line in the sand between their and your responsibilities. Theirs end when they transfer data to you, yours begin when you receive it. This is very ordinary in a controller-to-controller transfer.

      • 0
      • Reply
      • Share
        Share
        • Share on Facebook
        • Share on Twitter
        • Share on LinkedIn
    2. DP-Pro

      DP-Pro

      • 0 Questions
      • 15 Answers
      • 0 Best Answers
      • 15 Points
      View Profile
      DP-Pro Bronze contributor
      2021-10-20T10:14:54+01:00Added an answer on October 20, 2021 at 10:14 am

      Since the GDPR there is no longer the distinction between JOINT CONTROLLERS and CONTROLLERS IN COMMON. However, each of you are responsible for the processing that you undertake for your own purposes. They, for example are controllers for the lawful collection and provision of personal data, you will be responsible for your receipt, follow ups and retention of the personal data thereafter. They would not be providing you with any personal data if you hadn’t asked/contracted/paid for it; therfore you are also determining the PURPOSES for processing. How you go about acquiring and using the data also speaks to the MEANS criterion of being a controller. Welcome to the world of being a controller, jointly or alone!

      • 0
      • Reply
      • Share
        Share
        • Share on Facebook
        • Share on Twitter
        • Share on LinkedIn

    Leave an answer
    Cancel reply

    You must login to add an answer.

    What is 8 + 4?

    Forgot Password?

    Sidebar

    Ask A Question

    Trending contributors

    Smurf333

    Smurf333

    • 11 Answers
    Bronze contributor
    Dave_Wylie

    Dave_Wylie

    • 28 Answers
    Bronze contributor
    CRodica

    CRodica

    • 6 Answers
    Rising star contributor
    Andrea

    Andrea

    • 15 Answers
    Bronze contributor
    Atis

    Atis

    • 4 Answers

    Recent questions

    • Anonymous

      Instagram!!

      • 0 Answers
    • Olga

      DPO in EU and UK

      • 0 Answers
    • Smurf333

      DBS scenario with HR retaining excessive information for longer than ...

      • 0 Answers
    • CRodica

      Parties role towards employees data for administrative purposes

      • 0 Answers
    • Donna

      ‘serious harm test’ for health data

      • 0 Answers

    Explore

    • Home
    • Categories
      • GDPR
      • Privacy Management
      • Professional Development
      • Software tips and tricks
      • Polls
    • Help
    • About Watercooler

    Footer

    Your privacy

    • Cookie notice
    • Privacy notice

    Terms and policy

    • Acceptable Use Policy
    • Terms of Use

    © 2021 DPOrganizer. All Rights Reserved. With Love by DPOrganizer.