Data Processor Articles in GDPR
Assign topic to the user
Answer:
The responsibilities of data processors are set out in Art. 28 - "Processors" of the EU GDPR.
These obligations include:
•The processor may only use a sub-processor with the consent of the controller. That consent may be specific to a particular sub-processor or general. Where the consent is general, the processor must inform the controller of changes and give them a chance to object (art. 28(2), art. 28(3)(d));
•The processor must ensure it flows down these obligations to any sub-processor. The processor remains responsible for any processing by the sub-processor (art. 28(4));
•The processor must assist the controller to comply with requests from individuals exercising their rights to access, rectify, erase or object to the processing of their personal data (art. 28(3)(e));
Also, be aware that is impossible to be only a processor if you have employees you will be a controller as regards to the data of your employees the same goes for the data collected via your website (if you have one).
Comment as guest or Sign in
May 20, 2019