Expert Advice Community

Guest

Supplier Documents

  Quote
Guest
Chris Yates Created:   Mar 07, 2018 Last commented:   Mar 08, 2018

Supplier Documents

In real simple term without naming all the articles - what should I be getting from our supplier to check GDPR and subsequently provide to my customers? I have so far: - GDPR Compliance Questionnaire - Supplier Data Processing Agreement signed - Request their data protection policy? - Request their data retention policy? - Request their Breach Response procedure? Am I on the right path? Thanks
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Mar 08, 2018
The “Processor GDPR Compliance Questionnaire” is meant to asses your suppliers level of compliance with the EU GDPR so you can choose to ask your suppliers that are acting as your processor to fill in the questionnaire or, you can ask your potential supplier to fill it in before deciding to enter into a commercial agreement with them.

You can also ask the supplier to provide some proof of compliance when he answers yes to some questions and the policies and procedures you mentioned can be presented as proof.

The “Supplier Data Processing Agreement” is meant to be an annex to the commercial contract/agreement that you have in place with a supplier acting as your processor. So, is a legally binding document that should ensure that the supplier will process personal data based on your instructions and in compliance with the EU GDPR requirements.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 07, 2018

Mar 08, 2018

Suggested Topics

Dana Created:   Jan 22, 2023 EU GDPR
Replies: 1
0 0

Controller and Processor

wasima Created:   Jan 19, 2023 EU GDPR
Replies: 1
0 1

Sub-processor