Pages in topic:   < [1 2]
How will the GDPR affect Proz members?
Thread poster: Tom in London
Tom in London
Tom in London
United Kingdom
Local time: 16:54
Member (2008)
Italian to English
TOPIC STARTER
Read more carefully May 16, 2018

Thomas T. Frost wrote:

....may also...


Not WILL also.


 
Thomas T. Frost
Thomas T. Frost  Identity Verified
Portugal
Local time: 16:54
Danish to English
+ ...
Not a legal text May 16, 2018

Tom in London wrote:

Thomas T. Frost wrote:

....may also...


Not WILL also.


That article is not a legal text. It's just a brief summary.

Here is the GDPR: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN


Article 17

Right to erasure (‘right to be forgotten’)

1. The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

(a)

the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

(b)

the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;

(c)

the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);

(d)

the personal data have been unlawfully processed;

(e)

the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;

(f)

the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).

2. Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

3. Paragraphs 1 and 2 shall not apply to the extent that processing is necessary:

(a)

for exercising the right of freedom of expression and information;

(b)

for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

(c)

for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) as well as Article 9(3);

(d)

for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or

(e)

for the establishment, exercise or defence of legal claims.


In other words, the right to erase is not absolute; it can be overridden by legitimate interests of others.


 
Tom in London
Tom in London
United Kingdom
Local time: 16:54
Member (2008)
Italian to English
TOPIC STARTER
Right now. May 16, 2018

Thomas T. Frost wrote:
‘right to be forgotten’


I think I'll exercise that right now. Goodbye to this thread ! I've got work to do !

[Edited at 2018-05-16 14:58 GMT]


 
Will Kelly
Will Kelly
United Kingdom
Dutch to English
Contracts May 17, 2018

This seems to be a purely theoretical discussion so far, but I've received a data processing agreement from one of my agencies, which they expect me to sign if I'm to continue as a supplier for them. The contract appears to be based on the model agreement drawn up by the VViN (professional association for translation agencies in the Netherlands) and there doesn't seem to be anything anomalous in there, though I'm a little concerned about provisions pertaining to liability and a right of inspecti... See more
This seems to be a purely theoretical discussion so far, but I've received a data processing agreement from one of my agencies, which they expect me to sign if I'm to continue as a supplier for them. The contract appears to be based on the model agreement drawn up by the VViN (professional association for translation agencies in the Netherlands) and there doesn't seem to be anything anomalous in there, though I'm a little concerned about provisions pertaining to liability and a right of inspection for the client.

Other than translating CVs (which I don't do, because they're fiddly) and holding relevant invoicing information, I can't see why I would be processing personal data.

This one agency won't be the only one sending out contracts. I contacted a few other agencies asking what they would be doing, and they said they would also be sending out something for freelancers to sign.

Are any of you in the same boat?



EDIT: Let me list some of the clauses I'm not entirely comfortable with (not verbatim)...

1) Client entitled to have supplier inspected to ensure compliance.
2) Supplier to provide a certificate from an independent third party confirming full compliance each and every year (at supplier's expense). Client entitled to suspend all payments to supplier until such a certificate is received.
3) Supplier to provide evidence of insurance against claims specifically under this new privacy legislation (not entirely unreasonable, but another expense incurred for something we won't necessarily be doing - handling personal data).
4) Supplier can be fined €100/day for not returning all data after the agreement ends (as all data is supplied electronically, surely just deleting it will do?).
5) Supplier will anonymise all personal translation memories.
6) Supplier will delete projects 4 weeks after completion.

[Edited at 2018-05-17 13:03 GMT]
Collapse


 
Lincoln Hui
Lincoln Hui  Identity Verified
Hong Kong
Local time: 00:54
Member
Chinese to English
+ ...
How will the GDPR affect Proz members? We know the answer now... May 18, 2018

In the short term, it's likely to result in a lot more work for ProZ members.

Luca Tutino
 
Tomasz Sienicki
Tomasz Sienicki  Identity Verified
Denmark
Local time: 17:54
Member (2007)
Danish to Polish
+ ...
Unreasonable clauses May 18, 2018

Will Kelly wrote:

Let me list some of the clauses I'm not entirely comfortable with (…)


Yes, it's becoming a problem.

I also get requests from agencies to sign GDPR agreements with similar worrying clauses. It's one thing to agree to be compliant with the new regulation, but something entirely else to say yes to have your own privacy invaded, and at your own expense. Paying an independent audit provider to certify you have deleted some data? How much is that going to cost? And I doubt it's possible, anyway.

Please, agencies, send us short and uncontroversial GDPR agreements to sign if you don't want to lose half of your translators!



[Edited at 2018-05-18 17:14 GMT]


Luca Tutino
 
Will Kelly
Will Kelly
United Kingdom
Dutch to English
Exactly, but also... May 18, 2018

Most of us will already have agreements in place on matters such as confidentiality, non-disclosure, etc. I'm fine with saying I'll keep the contents of the documents I receive confidential, or won't approach end customers within a certain (reasonable) period of ceasing work for a particular agency. I get that the legislative frameworks are changing, but this smacks of opportunism.

 
Hubertus Mueller
Hubertus Mueller  Identity Verified
United Kingdom
Local time: 16:54
English to German
Just answered request for signing such a GDPR agreement May 30, 2018

I was also sent such an agreement, where they demand that I agree to give them my "data processing facilities" in case of an audit. That's what I e-mailed them back:

Dear Sir or Madam,

thank you for sending me this agreement. However, I have concerns about signing it. It would require me to give my "data processing facilities" for an audit to the data exporter/[the translation agency]. That would be my laptop. I think, this is illegal according to the GDPR, because then
... See more
I was also sent such an agreement, where they demand that I agree to give them my "data processing facilities" in case of an audit. That's what I e-mailed them back:

Dear Sir or Madam,

thank you for sending me this agreement. However, I have concerns about signing it. It would require me to give my "data processing facilities" for an audit to the data exporter/[the translation agency]. That would be my laptop. I think, this is illegal according to the GDPR, because then you or a third party would have potentially access to data from other clients I might have.

What are your thoughts about this?

Also, I'm afraid that I can't agree to send you my laptop for practical reasons, because I need it for work.

Yours faithfully,
Collapse


 
Vito Smolej
Vito Smolej
Germany
Local time: 17:54
Member (2004)
English to Slovenian
+ ...
SITE LOCALIZER
GDPR - the other way around Jun 11, 2018

case in question: as a EU citizen, I would like to hear from site XYZ (like ProZ;) about the following issues:

i) what data do you keep about me
ii) do you share these data, and if so, with whom/based on what authority
iii) what are ways and conditions regarding my right to privacy/deletion of data

In other words, "Habeas data" issue.

TiA

smo


 
Luca Tutino
Luca Tutino  Identity Verified
Italy
Member (2002)
English to Italian
+ ...
My reply Jun 21, 2018

"Thank you for your GDPR related agreement invitation.

Please understand that I am receiving dozens of similar requests which, under the penalty of collaboration stop, seem to imply that I either sign them without reading, evaluating and discussing their content, or take many hours just to do that, and both alternatives do not seem practical or fair.

I will be happy to sign an agreement with your company, should the need arise in future, if you will want to assign one o
... See more
"Thank you for your GDPR related agreement invitation.

Please understand that I am receiving dozens of similar requests which, under the penalty of collaboration stop, seem to imply that I either sign them without reading, evaluating and discussing their content, or take many hours just to do that, and both alternatives do not seem practical or fair.

I will be happy to sign an agreement with your company, should the need arise in future, if you will want to assign one or more projects involving processing of personal data. In the mean-time, I authorize you to keep and process my own personal data insofar this is necessary to further our future collaboration.

Kind regards,"
Collapse


P.L.F. Persio
Tomasz Sienicki
 
Pages in topic:   < [1 2]


To report site rules violations or get help, contact a site moderator:


You can also contact site staff by submitting a support request »

How will the GDPR affect Proz members?







Wordfast Pro
Translation Memory Software for Any Platform

Exclusive discount for ProZ.com users! Save over 13% when purchasing Wordfast Pro through ProZ.com. Wordfast is the world's #1 provider of platform-independent Translation Memory software. Consistently ranked the most user-friendly and highest value

Buy now! »
TM-Town
Manage your TMs and Terms ... and boost your translation business

Are you ready for something fresh in the industry? TM-Town is a unique new site for you -- the freelance translator -- to store, manage and share translation memories (TMs) and glossaries...and potentially meet new clients on the basis of your prior work.

More info »