How to Capture Personal Data in a Form

Roland Costea
A free video tutorial from Roland Costea
Privacy & Security Director
4.5 instructor rating • 7 courses • 20,251 students

Lecture description

GDPR training course - personal data form

Learn more from the full course

Build EU GDPR data protection compliance from scratch (CIPT)

2020_FREE GDPR Templates & Documentation - Practical GDPR Blueprint - CIPT,CIPM,CIPP/E certification preparation

12:31:39 of on-demand video • Updated November 2020

  • Lessons from ex-Microsofter and IBMer
  • Will have a list of 61 templates/documents that will help them start GDPR programme
  • Understand what GDPR needs in order to achieve compliance
  • Go for CIPT, CIPM and CIPP/E certification by IAPP with a comprehensive learning plan explained in lesson 4
  • Will have a GDPR implementation guide
  • Understand Online privacy issues
  • Understand technologies with privacy considerations and core privacy concepts
  • Understand how technology will help in achieving compliance
  • Understand lawful processing from HR point of view
  • Understand how to work with Cloud Service Providers (CSPs)
English Hi guys. In this lesson we'll discuss about the personal data capture form that you may find on the link. This is the 7.6 document. Here, is the already completed form, for different areas of the infrastructure, and practically is the website, there is a sale on the Website, there is a post-sale review, it's a newsletter, it's a provisioning of updates, there is a feedback survey, post sales support, downloads, Linked-In connections, again pre-sales inquiries and human resources. This could happen also in your company. This could be a lot more, here, but practically in this project or business process you get personal data items, like Name, email addresses, phones, credit card details maybe, IP addresses and a lot of different other things, employee Name, Address, Sallary, bank account, so on and so forth. And practically you may complete here with sort of description about that., if there's a special category of personal data, if there is obtained from data subject, so practically they give the consent. Who is the owner? What department more or less, or what specific person in your organization and what's the processing purpose? There is a lawful basis of processing. If there is a contract it is just consent. If there is a law in place or if consent-based, how is consent obtained. And usually it's maybe not obtained and you need to perform a change over here or customer explicitly signs up for the newsletter let's say. If there is automated decision making in place, if there is location store of that data, more or less it could be a payment processor, it will be your web server, your file server, your mail server. The country it is stored, retention period, if there is encryption access control or any other sharing with different third parties. Again you may have comments usually from the auditor or from the one who is performing this capture form for all these business processes or projects. Here are some hints in how to complete or practically different actions from the file over here, let's say number three in the reference, it says customer telephone number and hearing the actions for number three you can see "decide if telephone number is required to be captured". So practically and this is by when, and narratives and description over here in the status that it's open or not open. And these are actions that you maybe need to discuss internally and see if you really need it for you to take this. And then you practically have for this document a lot of completion instructions of what these data really mean and what should be considered and what should look for, for all these. What does automated decision making means? So practically It means that the business process involves a decision based solely on outmoded processing which may significantly affect the data subject. And you have to read this and then to fill in this form for all your processes, business processes or projects within your organization.