Audit

Four key points to include in contracts between Data Controllers and Data Processors

Posted on

The General Data Protection Regulation (2016/679), imposes clear requirements controlling the appointment of data processors by data controllers.  One of these is a requirement prescribing various matters which must be stipulated in a written contract (Article 28). As and from 25 May 2018 all agreements between Data Controllers and Data Processors need to meet these new GDPR requirements. This is a major change for many organisations, […]

Compliance

Data Controllers or Data Processors in GDPR?

Posted on

In order to vindicate data subjects’ rights, the GDPR defines two new roles for organisations Data Controllers and Data Processors. This post will outline the roles and obligations for both under the GDPR. Controller or processor Controllers are those who determine the purposes and means of processing personal data. Processors are those engaged in processing personal data on behalf of controllers. To decide of […]