For how long do you store customer data?
How will you verify to customers that you are in compliance with the new regulation?
How you handle data protection requirements with any of your sub-processors?
What happens when we receive an email?
What processing operations are done by the Data Processor (ORRO Family)?
Where is your customer data physically stored?
Which of your teams will have access to customer personal information