Guest user Created: Jun 27, 2018 Last commented: Jul 04, 2018

Processor/Controller

1.It is not a processor always a supplier too and vice versa is not a supplier always a processor too. If so, when do we apply the processor agreement and when the supplier agreement?

0 0

Assign topic to the user

Select user

Expert

Andrei Hanganu Jun 27, 2018

2. I should also appreciate if you could have the contents of my two agreement drafts checked for correctness and completeness.

Answers:

1. A processor sould always process personal data on behalf of a controller based on a commercial agreement so your assumption is correct the processor is usually a supplier.
2. As regards to the review of your documents, based on the version of the Toolkit you purchased you are entitled to one document (from the toolkit) to be reviewed.

To learn more about the EU GDPR check out our “EU GDPR Foundation Course” (https://advisera.com/training/eu-gdpr-foundations-course//)

Quote

0 0

Guest

bjornar68 Jul 04, 2018

So why do we need two separate data processing agreements - one for data transfers and one for third party compliance?

Quote

0 0

Expert

Andrei Hanganu Jul 05, 2018

You only need two documents if the third party acting as your processor is located outside the EEA. In this case you need to consider both the requirements of article 28 of the EU GDRPR – “Processors “ https://advisera.com/eugdpracademy/gdpr/processor/ as well as the requirements for cross border data transfers set up in article 46.2.c) of the EU GDPR – “Transfers subject to appropriate safeguards” https://advisera.com/gdpr/transfers-subject-to-appropriate-safeguards/

Quote

0 0

Guest

bjornar68 Jul 05, 2018

Thank you!

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jun 27, 2018

Jul 05, 2018

Expert Advice Community