Assign topic to the user
Answer:
“Controllers in common” or “independent controllers” are both processing personal data but independently and for different purposes and there is no requirement to have a document stating their obligations as they are both bound by the controller obligations under GDPR. The GDPR only requires to have such document between controllers and processors or between joint controllers.
This is the reason for which we don`t have such a document in the toolkit. Please no te that the Supplier Data Processing Agreement is not suited to be used in a controller to controller situation.
Comment as guest or Sign in
Aug 23, 2018