Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

What are legal obligations of websites re: GDPR's?

  • 29-06-2021 10:05pm
    #1
    [Deleted User]
    Posts: 0


    First off, not boards.ie but just say, some EU based website.

    If a user requests a GDPR and they refuse or simply ignore, what's the procedure?

    Say it was information of a delicate and personal nature yet they ignore GDPR requests, is there like a "consumer" right of sorts that can be applied?

    ....

    Anyone well informed on General Data Protection Regulation protocol?


Comments

  • #2
    angel eyes 2012
    Registered Users, Registered Users 2 Posts: 940 ✭✭✭angel eyes 2012


    JohnJoeJames wrote: »
    First off, not boards.ie but just say, some EU based website.

    If a user requests a GDPR and they refuse or simply ignore, what's the procedure?

    Say it was information of a delicate and personal nature yet they ignore GDPR requests, is there like a "consumer" right of sorts that can be applied?

    ....

    Anyone well informed on General Data Protection Regulation protocol?

    You can submit a complaint to the relevant Data Protection Supervisory Authority. For example, the Data Protection Commission is the Supervisory Authority for Ireland and has responsibility for handling complaints as part of its functions.


  • #3
    [Deleted User]
    Posts: 0 [Deleted User]


    angel eyes 2012 wrote: »
    You can submit a complaint to the relevant Data Protection Supervisory Authority. For example, the Data Protection Commission is the Supervisory Authority for Ireland and has responsibility for handling complaints as part of its functions.

    Say the company itself was based in, for the sake of argument, the Netherlands?

    GDPR applies to the EU as I understand, how would I go about finding the authority for that state?

    Perhaps as simple as "Data Protection Supervisory Authority for Country X" into my search bar?


  • #4
    athlone573
    Registered Users, Registered Users 2 Posts: 724 ✭✭✭athlone573


    If its a large company, they should have a nominated GDPR contact person, and it would be worth sending them a flat email (Subject Access Request) telling them what you want, before escalating to their local Office of Data Protection. They have a certain number of days to respond fully, can't remember offhand.


  • #5
    [Deleted User]
    Posts: 0 [Deleted User]


    JohnJoeJames wrote: »
    Say the company itself was based in, for the sake of argument, the Netherlands?

    GDPR applies to the EU as I understand, how would I go about finding the authority for that state?

    Perhaps as simple as "Data Protection Supervisory Authority for Country X" into my search bar?
    If you are an EU citizen GDPR applies even if the website is not in the EU


  • #6
    IRE60
    Registered Users, Registered Users 2 Posts: 1,884 ✭✭✭IRE60


    The site has to have a cookie policy document on their website. In that, there should be a nominated contact. I believe (If memory serves me correctly) they must reply with in a certain time period. So, the best place to start is with their cookie and/or privacy document


  • Advertisement
  • #7
    [Deleted User]
    Posts: 0 [Deleted User]


    SoulWriter wrote: »
    If you are an EU citizen GDPR applies even if the website is not in the EU

    Can the Irish Department of Data Protection manage GDPR issues for overseas states provided they're within the EU?

    As in, I wouldn't have to contact the Data Protection Department for the Netherlands specifically?


  • #8
    athlone573
    Registered Users, Registered Users 2 Posts: 724 ✭✭✭athlone573


    JohnJoeJames wrote: »
    Can the Irish Department of Data Protection manage GDPR issues for overseas states provided they're within the EU?

    As in, I wouldn't have to contact the Data Protection Department for the Netherlands specifically?

    They're busy people but they should be able to point you towards the Dutch data regulator.


  • #9
    [Deleted User]
    Posts: 0 [Deleted User]


    JohnJoeJames wrote: »
    Can the Irish Department of Data Protection manage GDPR issues for overseas states provided they're within the EU?

    As in, I wouldn't have to contact the Data Protection Department for the Netherlands specifically?
    I'm not sure, I would say you would hav eto contact the Data Protection Department for the Netherlands. A friend of mine had an issue with a site in Sweden. Someone posted an offensive message about him and the site would not remove it. He contacted some one in Sweden.When he copied the email to the site it came down pretty quick


  • #10
    [Deleted User]
    Posts: 0 [Deleted User]


    SoulWriter wrote: »
    I'm not sure, I would say you would hav eto contact the Data Protection Department for the Netherlands. A friend of mine had an issue with a site in Sweden. Someone posted an offensive message about him and the site would not remove it. He contacted some one in Sweden.When he copied the email to the site it came down pretty quick

    Yeah, the state whom I'm trying to negotiate is a total circus.

    Their site does not translate to English and the relevant links give a "this page does not exist" read out.

    Fingers crossed the Irish department will be able to mange this.


  • #11
    [Deleted User]
    Posts: 3,505 ✭✭✭ [Deleted User]


    JohnJoeJames wrote: »
    If a user requests a GDPR and they refuse or simply ignore, what's the procedure?
    You can't just request 'a GDPR'. You need to be clear about what you want them to do.
    Say it was information of a delicate and personal nature yet they ignore GDPR requests, is there like a "consumer" right of sorts that can be applied?
    Data subject rights.

    As for who the Netherlands Authority is, https://autoriteitpersoonsgegevens.nl/en/contact-dutch-dpa/contact-us


  • Advertisement
Advertisement