|Updated:||29 June 2018|
|Format:||MS Word (.DOC)|
Using this data processing addendum, a pre-existing contract may be made compliant with the General Data Protection Regulation (GDPR).
Under the GDPR, Agreements between “processors” of personal data and their “sub-processors” must include a set of provisions aimed to improve privacy and security. For example, processors should process personal data only in accordance with controller instructions, and so sub-processors should process personal data only in accordance with processor instructions.
This addendum must not be used to revise contracts handling the transfer of personal data from a controller to a processor or from a controller to a controller.