Help | Contact

+442071831245

|

[email protected]

Try Now For FREE

GDPR – 7 Key elements you must have in your supplier contracts

If you’re using a supplier to host *any* EU citizens personal data (including log entries, emails, documents, HR records, backups) then when GDPR starts in May 2018 you need to have a written contract with them that includes:

  • subject matter and duration of processing
  • type of personal data and categories of subjects.


And that the supplier will

  • only process on your instruction
  • ensure employees are under strict confidentiality agreements
  • not engage (or change) a sub processor without your approval
  • be responsible to you if a sub processor fails to perform
  • help you response to data subject enquiries

If you fail to to include such terms in your processor contracts, the ICO could fine you the greater of €10m or 2% of total annual turnover. Gulp!
For more detail on GDPR see this article by Rawlinson Butler:
http://www.rawlisonbutler.com/blog/data-protection-need-include-data-processor-contracts/

Related Stories

Subscribe for updates

Get the latest data and security incidents straight to your inbox with our weekly newsletter

Follow Us

Twitter Facebook-square Linkedin
Solutions
Resources
Company
We’re ISO27001 accredited…
We’re also fully GDPR compliant…
We’re also Cyber Essentials certified too!
We give 1% of turnover to charity!
Leave us a review!
  • 2024 OD Consultancy Ltd. All rights reserved
Facebook-square Linkedin

Simply enter your name & email address and we’ll we’ll provide you with early access!

Get instant access to pricing,  checklists, and a free trial!

No Credit Card Required

For more info, see our Privacy Policy.