iteles
commented
6 years ago If you infer data from the data provided to you, is that covered by GDPR? Grey area: "If you obtain personal data from other sources, you must provide individuals with privacy information within a reasonable period of obtaining the data and no later than one month." https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-be-informed/
Following on from https://github.com/dwyl/hq/issues/404, we need to create a checklist of features/requirements driven by GDPR that we can go through with our clients and on our own applications to ensure compliance before the 25th May 2018.