Search
Register

GDPR – Main crux points for Indian Side

|

Can I know from a knowledgable expert on #GDPR as to what are the three main crux points. EU companies (one of my prospective customers) are told that they should not share any EU data outside of EU, what exactly is the same and apart from being complaint what measures need to be taken. Secondly does ISO 27001 help here. ?

Re: Would an employee’s official email ID constitute personal data?

|

Official/corporate emails – Yes, in most of the cases. However it depends on the nomenclature – while your example suggests using the name to create the email address which is a general practice, the email itself has Personally Identifiable Information. Personal data is defined by the as “any information relating to an identified or identifiable natural person.”1 This broad definition encompasses work email addresses containing the business partner’s name or any business contact information tied to or related to an individual, such as the individual’s name, job title, company, business address, work phone number, etc. In contrast, personal data does not include generic business names, business addresses, generic email addresses or any other general business information, as long...

Would an employee’s official email ID constitute personal data?

|

Most everyone has official mail IDs relating to the place they work. For example, it could be J.Krl@<company>.com. Would this constitute personal data for the purpose of GDPR when an entity has no other information on him/her other than the email ID? What are the obligations if any under GDPR?

who are the authorized service provider for GDPR compliance validation in new delhi?

|

Seems there is no benchmarking. We are confused who to pay and how much to pay. 

Re: For Indian citizens ,how does the IT Act 2000 articulate protection of personal data and consent sought while accessing data of Indian individuals

|

The IT Act underwent changes as Internet technology grew. In 2008, additions expanded the definition of “communication device” to include mobile devices and placed owners of given IP addresses responsible for distributed and accessed content. Privacy was addressed in 2011 when stringent requirements for collecting personal information came into effect. Section 72A in The Information Technology Act, 2000 90 [ 72A Punishment for disclosure of information in breach of lawful contract. -Save as otherwise provided in this Act or any other law for the time being in force, any person including an intermediary who, while providing services under the terms of lawful contract, has secured access to any material containing personal information about another person, with the intent to cause or knowing...

For Indian citizens ,how does the IT Act 2000 articulate protection of personal data and consent sought while accessing data of Indian individuals

|

# For Indian citizens ,how does the IT Act 2000 articulate protection of personal data and consent sought while accessing data of Indian individuals

Re: GDPR Applicability

|

Monitoring the behaviour of individuals located in the EU Means – a set of data processing you do in relation to a data subject located in EU – for creating a profile, making automated decisions etc. Such as user profiling, shopping pasterns etc. In simpler terms the GDPR restricts “profiling” and gives data subjects significant rights to avoid profiling-based decisions. Thus this impacts monitoring of data subjects  to name few – data gathering and analysis you do for any IT, employee performance and marketing or sales related business needs. For more on this do read the extraterritorial scope of the GDPR.

  • 1
  • 2