There is currently an issue with Windows operating systems, reputed to be related to Falcon Sensor from CrowdStrike. From the description of their tool, the question of GDPR compliance can be asked when is has effected companies that may be processing personal data, such as banks:
Falcon Sensor is an agent that CrowdStrike claims "blocks attacks on your systems while capturing and recording activity as it happens to detect threats fast."
CrowdStrike is recorded on the UK Data Privacy Framework List for transfers of personal data to the US under Article 45, and a link is provided to their Privacy Policy. This requires "Free Registration" to access. [EDIT] It seems this particular instance is more a technical problem than a legal one. While the question is still valid, it is much less interesting.
Is this compliant with the various GDPR rules that a companies privacy policy is generally used to comply with, particularly those regarding Article 45 transfers to the US?
