|Author: ||Alasdair Taylor |
|Updated: ||4 January 2021 |
|Length: ||6 pages |
|Notes: ||7 pages |
|Format: ||MS Word (.DOCX) |
Using this data processing addendum, a pre-existing contract may be made compliant with the EU's General Data Protection Regulation (GDPR) or its UK counterpart.
Under the GDPR, Agreements between “processors” of personal data and their “sub-processors” must include a set of provisions aimed to improve privacy and security. For example, processors should process personal data only in accordance with controller instructions, and so sub-processors should process personal data only in accordance with processor instructions.
This addendum must not be used to revise contracts handling the transfer of personal data from a controller to a processor or from a controller to a controller.