We do not charge for our services, do we need to comply?
All companies processing personal data must comply with the GDPR, regardless whether payment is charged or not.
Archives: FAQs
Does non-EU based organisation need to comply with GDPR?
According to GDPR Article 3 (2), organisations that are not located in the EU, but processing the personal data of persons located in the EU for the purpose of the offering of goods or services
Organisations operating outside the EU and employing EU citizens.
Organisations operating outside the European Union, but employing EU citizens, must comply with the GDPR requirements. This means that the EU citizens can exercise their rights according to the GDPR, even if the company does
If the company is based outside the European Union do we need to comply with the GDPR?
Yes, any company who is processing personal data of the EU citizens, must comply with the General Data Protection Regulation.
How does the GDPR differ from the previous Directive?
GDPR is a regulation, which means that the regulation will come into force as such. Therefore, regulations have binding legal effect in every member state. Directive on the other hand means that the member states
What is Data Protection Impact Assessment (DPIA)?
If the data processing and the collected data may result in a high risk of the rights and freedom of natural persons companies need to evaluate how their processing model may affect natural persons and
Do I need a Data Protection Officer (DPO)?
Companies need to appoint a Data Protection Officer (DPO) if the company is a public authority, carries out personal data processing on a large scale regularly and systematically, engages in large scale processing of sensitive
What do I have to do in case of data breach?
In case of a data breach, you need to inform the supervisory authority within 72 hours when the breach was found. The notification has to consist of information what was stolen or lost, how the
What are processors and how to handle them?
Any company (or person) that deals with personal data on your behalf are called a Processor (in GDPR language). Examples of processors include marketing companies, accountants, payment and delivery service providers, IT /cloud providers etc.
Right to Data Portability – what does it mean?
Right to Data portability for person means possibility to obtain his personal Data from one service provider and reuse it at another for his own purposes in easy and safe way. It allows to get
