In the process of working through some old policies and I want to undetrstand if a situation arises. Circumstances: Company A is a payroll provider for lots of clients in the UK. one of the clients move away however Company A retains PII data on the client and the employees of the client. ​ A data breach occurs and some of this data is the clients employees who moved away from Company A 2,3,4,5 etc.. years ago. ​ Does company A need to find a way, to attempt to reach all of these end employees or the client who moved away or whats the best way to deal with this? noting that some of the employ ..read more

The GDPR is a useless piece of trash legislation that serves nothing but the destruction of the internet and websites. Nobody knows or even cares about cookies, or has the time to click a button every time they are searching through websites to find information. It's ugly, trashy looking, and a sensory overload. It's based on as much "Law" as EULAs, which are all unconscionable coercive type of take it or leave it "agreements". No real consideration is given to the person on the website, the button is "accept" or "refuse". Its a joke. Nobody is there for the cookie agreement. But it's shoved ..read more

My son was recently diagnosed with ADD, Dyspraxia and Dysgraphia. He is 12. He is in 6th class in primary school and will start secondary school this August. I shared the report from his Occupational Therapist with all his test results and diagnoses via email with his current primary school. They emailed me today to say they had shared the report with his new secondary school which he will attend from August this year. Surely they should have asked my consent to share this report with his new school? It’s special category data and relates to a minor? They did not ask if it was ok to share it ..read more

My email address is the contact address on a custom Wix website contact form and the website owner hasn’t removed it despite my asking several times (I set the website up for him and transferred to his account but didn’t realise I’d need to separately update the contact form details). I’m now receiving emails from individual “reply-to-randomletters@wixforms.com” addresses for every single submission to the form. Contacting Wix support, they said they aren’t authorised to edit a website on behalf of a user, and when I pushed the fact that I don’t agree to be sent emails, they said they would b ..read more

Student Finance England sent 3 letters containing my full name, course of study and dates, university, and full loan entitlement and customer reference number for my loan to a random UK address. They are claiming there is no data breach because, they sent an email to my MP which was forwarded to me during this period (we were disputing a loan charge on my account) with the address so I therefore acknowledged it as my address, and that the HMRC alerted them of my change of address (although I had no change in my HMRC records of knowledge) and they claim the letters were returned in January to ..read more

Edited for clarification: We students "operate" a car rental company chain, whose parent company is in the U.S. and has several locations in the EU. These EU locations gather information like car rental preferences (size, color, type), trip length, number of party members, renter's driver's license information, email, cell #, etc. from each user either with consent or contract. All users/car renters are told some of the data will be used for marketing purposes and to better serve the customers in future rentals. Users can opt out of some of this data being collected while other data collectio ..read more

given that the company collects no money from sources based in the EU, what would happen to a company who refuses to follow GDPR data standards? submitted by /u/buyingshitformylab [visit reddit] [comments ..read more

In short, been looking for work recently so have been applying to lots of jobs through recruiters. I have just received an email from one of the company directors telling me they are running the London marathon with a ‘just giving’ link to sponsor them. Surely this is not an appropriate use of my contact details? submitted by /u/Nips4BoJo [visit reddit] [comments ..read more

Hello everyone, I am a student, and next year I have to do the internship for university, I would like to do it in the field of GDPR, do you know where I can look for such an internship? submitted by /u/MassiveWeb4695 [visit reddit] [comments ..read more

I work for a small company - no HR or DPO - and I've been asked to review the GDPR policies that we have and be the go-to person for colleagues who have GDPR queries. I had some basic GDPR training a couple of years back (in a different organisation) so I need a refresh before I'll be in position to help anyone else. I'm not looking for a big 'become a DPO' type course - I don't need certification. I only have a small budget (200 euros) and a few hours for a course. There are loads of short courses available but… I've no idea which are reputable and whether or not they provide accurate infor ..read more