Guest user Created: Apr 13, 2018 Last commented: Apr 13, 2018

GDPR - processor to controller

What documents must we, acting as a data processor, supply to data controller so we can confirm our compliance with GDPR? And vice versa?

0 0

Assign topic to the user

Select user

Expert

Andrei Hanganu Apr 13, 2018

Answer:

EU GDPR article 28 – “Processor” https://advisera.com/eugdpracademy/gdpr/processor/ requires controllers to “use only processors providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject.” Thus, is the controller that needs to be sure that it uses processors that are complying with the EU GDPR requirements not the other way around.

In the EU GDPR Documentation Toolkit you can find in folder 7 a “Processor GDPR Compliance Questionnaire” which can be used as a benchmark in assessing a processor’s compliance with the EU GDPR. This document can be used also to further build up a methodology for auditing your most important processors.

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Apr 13, 2018

Expert Advice Community