Sign Up

What is 8 + 4?

Have an account? Sign In Now

Sign In

What is 8 + 4?

Forgot Password?

Don't have account, Sign Up Here

Forgot Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

What is 8 + 4?

Have an account? Sign In Now

Please type your username.

Please type your E-Mail.

Please choose an appropriate title for the question so it can be answered easily.
Please choose the appropriate section so the question can be searched easily.

Type the description thoroughly and in details.

What is 8 + 4?

Sign InSign Up

Watercooler by DPOrganizer

Watercooler by DPOrganizer Logo Watercooler by DPOrganizer Logo

Watercooler by DPOrganizer Navigation

Search
Ask A Question

Mobile menu

Close
Ask a Question
  • Home
  • Categories
    • GDPR
    • Privacy Management
    • Professional Development
    • Software tips and tricks
    • Polls
  • Help
  • About Watercooler
Home/ Questions/Q 7669
Next
In Process
Anonymous
  • 0
Asked: June 17, 20212021-06-17T20:00:08+01:00 2021-06-17T20:00:08+01:00In: GDPR

Indirect suppliers

  • 0

Interested to hear people’s thoughts on something I’ve been involved with a lot lately as employees receive more benefits.

My global company is procuring a mental well-being a service/app as part of a drive to encourage employees to take care of themselves. Individuals log their mood/activity etc and it in return get personalised tips to improve their mental well-being. The company gives no data to the providers and gets nothing in return. it’s just paid for access for all employees and promoted it on the intranet (reinforcing that this is in no way mandatory). We can take it or leave it.

What would your thoughts/involvement be as a privacy pro?

  • 2 2 Answers
  • 0 Followers
  • 0
Answer
Share
  • Facebook

    2 Answers

    • Voted
    • Oldest
    • Recent
    1. HellenB

      HellenB

      • 2 Questions
      • 83 Answers
      • 0 Best Answers
      • 79 Points
      View Profile
      HellenB Silver contributor
      2021-06-23T10:49:58+01:00Added an answer on June 23, 2021 at 10:49 am

      I would agree with Dominga.
      The company’s duty in recommending the product is to do the appropriate due diligence to ensure that it conforms with the company’s general privacy policy. It shouldn’t be sharing employee data with any third party without consent in this instance

      • 0
      • Reply
      • Share
        Share
        • Share on Facebook
        • Share on Twitter
        • Share on LinkedIn
    2. Dominga Leone

      Dominga Leone

      • 0 Questions
      • 20 Answers
      • 0 Best Answers
      • 21 Points
      View Profile
      Dominga Leone Bronze contributor
      2021-06-18T13:26:45+01:00Added an answer on June 18, 2021 at 1:26 pm

      My thoughts would be that the company providing the app are an independent Controller and that you definitely shouldn’t send them details of employees or create accounts on their behalf. If employees decide to download and sign up for the app then, the app provider will be responsible for complying with data protection standards and informing the individuals how data will be processed. However, if I were DPO at your company, as the employer, I would want to make sure that the company I am promoting is not a cowboy and that they have the right standards in place, because once an organisation is logging moods, behaviours etc, they start to have access to sensitive data and they need to protect it, also making sure they can fulfil all their duties like DPIAs, DP by design, informing the data subject etc. Their business model sounds like it should be watertight in terms of data protection.

      • 0
      • Reply
      • Share
        Share
        • Share on Facebook
        • Share on Twitter
        • Share on LinkedIn

    Leave an answer
    Cancel reply

    You must login to add an answer.

    What is 8 + 4?

    Forgot Password?

    Sidebar

    Ask A Question

    Trending contributors

    Smurf333

    Smurf333

    • 11 Answers
    Bronze contributor
    Dave_Wylie

    Dave_Wylie

    • 28 Answers
    Bronze contributor
    CRodica

    CRodica

    • 6 Answers
    Rising star contributor
    Andrea

    Andrea

    • 15 Answers
    Bronze contributor
    Atis

    Atis

    • 4 Answers

    Recent questions

    • Anonymous

      Instagram!!

      • 0 Answers
    • Olga

      DPO in EU and UK

      • 0 Answers
    • Smurf333

      DBS scenario with HR retaining excessive information for longer than ...

      • 0 Answers
    • CRodica

      Parties role towards employees data for administrative purposes

      • 0 Answers
    • Donna

      ‘serious harm test’ for health data

      • 0 Answers

    Explore

    • Home
    • Categories
      • GDPR
      • Privacy Management
      • Professional Development
      • Software tips and tricks
      • Polls
    • Help
    • About Watercooler

    Footer

    Your privacy

    • Cookie notice
    • Privacy notice

    Terms and policy

    • Acceptable Use Policy
    • Terms of Use

    © 2021 DPOrganizer. All Rights Reserved. With Love by DPOrganizer.