Guest user Created: May 15, 2018 Last commented: May 15, 2018

GDPR Cross Border Agreement Question

I am working on my company’s GDPR compliance documents and am using the EU GDPR toolkit to aid in this process. I have a question regarding cross-border personal data transfers. In particular, my company (as a processor) was given a cross-border agreement to sign (see attached) that we initially thought might make a good form to have our own processors sign. But, in reviewing the EU site, the Toolkit, and applicable law, it appears that you cannot modify the terms of the EU’s form agreements (Annexes 1 and 2) or they become unenforceable.

0 0

Assign topic to the user

Select user

Expert

Andrei Hanganu May 15, 2018

Answer:

Two things, first is that the document is Data Processing Agreement and not a Cross Border Data Transfer Agreement these are two distinct documents.

Regarding the Annexes Data Processing agreement, Annex 1 is consistent with the requirements of EU GDPR article 28(3) – Processor (https://advisera.com/eugdpracademy/gdpr/processor/) and the information in there should reflect the processing activity that is undertake by the processor.

Annex 2 presents just some illustrative measures which shoul d be treated as sample measures taken to ensure the security of processing so they can definitively be changed based on your needs.

To find out more about cross border data transfers check out our webinar “ How to make personal data transfers to other countries compliant with GDPR” https://advisera.com/webinars/how-to-make-personal-data-transfers-compliant-with-gdpr-free-webinar-on-demand/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

May 15, 2018

Expert Advice Community