Morning all,
I am wondering whether I’m overthinking this (hence the Friday question!) – if your organisation buys a “system” from a supplier which requires users (employees) to log in to manage access, and this is a standard feature of this system
(e.g. not part of your specification), who is the data controller for that data? And would this be different if the system were hosted by a supplier rather than if it were hosted by your organisation?
Best wishes,
Michelle
Michelle Brown
Information Manager
Transport for Greater Manchester
2 Piccadilly Place, Manchester M1 3BG
Direct line: 0161 244 1123, Extension 701123
Please do not print this email unless you
really need to.
This email and any files transmitted with it are intended solely for the use of the individual or entity to whom they are addressed and may contain confidential and/or privileged information. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by individuals or entities other than the intended recipient is prohibited. If you are not the intended recipient please notify the sender immediately and delete the email and any attachments. As a public body, Transport for Greater Manchester may be required to disclose this email or any response to it under the Freedom of Information Act 2000, unless the information in it is covered by one of the exemptions in the Act.
This email has been scanned for all viruses and passed through Content Control by the iCritical Email Security System.